Assessment
Burton Law can conduct a security and data privacy assessment to include:
- Federal laws, such as:
- Gramm-Leach Bliley (GLBA)
- Health Insurance Portability and Accountability Act (HIPAA)
- HITECH Act Enforcement Amendments (2009)
- Fair Credit Reporting Act (FCRA)
- Fair and Accurate Credit Transactions Act (FACTA)
- State laws, to include breach notification, encryption requirements and privacy policy;
- International data protection laws, including:
- EU Data Protection Directive and member state implementations thereof
- U.S. Safe Harbor requirements for EU compliance, such as model contracts and binding corporate rules
- Canadian Personal Information Protection and Electronic Documents Act (PIPEDA);
- EU Data Protection Directive and member state implementations thereof
- Agency-issued regulations, such as “Red Flags” and CAN-SPAM;
- Industry standards, such as credit card compliance (PCI)
Such assessment services include performing comprehensive privacy and information management assessments, including the preparation of data flow maps, security requirement checklists, and related gap analyses.