See a Better ROI for Your Next Privacy Assessment
As your business grows, so do the requirements and expectations for privacy assessments. Assessments require both depth and breadth of knowledge in order to assure their effectiveness, and strongly benefit from a long history of privacy expertise to help all stakeholders avoid any number of minefields. Assessments must also leverage the latest technologies for cost-efficient discovery, delivery and management. They should also bring to bear industry recognized assessment methodologies shaped by current best practices and future trajectories of laws, regulations and public opinion. Finally, they should be part of a larger, ongoing data privacy management strategy and not just a point-in-time review that becomes outdated the moment it’s complete.
TRUSTed Assessments
Leveraging the power of the TRUSTe Data Privacy Management Platform, TRUSTed Assessments provide a set of comprehensive risk assessments around data privacy management practices for organizations seeking to minimize compliance risk and protect their valued brand. For over 15 years, TRUSTe has provided thousands of businesses with guidance on their privacy practices through our certification programs. While some corporate activities and programs do not require a certification, applying the same analytical approach to them can provide valuable insight for developing holistic data privacy management strategies.
The methodology begins with discovery and analysis of your data collection practices, using a combination of technology and expert privacy consultants. Your practices are then assessed against your own policies, as well as prevailing requirements and industry standards, resulting in a gap analysis and remediation plan to help you reach your preferred privacy posture. For those activities where specific standards or compliance frameworks exist (GAPP, Safe Harbor, etc.) we can help you know when your company is operationally ready.
Many of the assessments can continue to provide value long after the process is complete. For example, data maps will become living documents that enable you to stay on top of changes within your organization. Data collection, discovery and remediation steps can also help you prepare for a TRUSTe certification program. Simultaneously conducting assessments and certification is a great way to save time and money.
TRUSTed Assessments gives you:
- An integral component of a comprehensive data privacy management strategy to address global enterprise compliance challenges
- The benefit of TRUSTe’s unique combination of privacy experts, risk analysis methodology, and technology
- The time and cost efficiencies of working with a single, trusted partner with a 140+ person team dedicated to privacy and 15+ years’ experience with over 5,000 clients across all industries
Key Features
TRUSTed Assessments follow a comprehensive and proven multi-step process to assess your privacy practices versus applicable regulatory and industry standards.
Custom Engagement Scoping
Define the set of privacy criteria and frameworks against which your privacy practices will be assessed. You can select a single set of principles such as the EU Safe Harbor requirements for Human Resource (HR) Data or a variety of legal/regulatory requirements, corporate policies, industry guidelines and best practices, certification requirements and other factors you choose. Your criteria can encompass multiple geographies and we can assess your readiness for a change in business practices. Once your objectives are defined, TRUSTed Assessments consultants will compile a comprehensive list of policies, activities and requirements against which your current practices will be compared.
Data Collection & Discovery
A TRUSTed Assessment begins with a review of your data privacy management practices to identify a range of information including what data you collect, how you use it, who you share it with, third party agreements, use of trackers, privacy disclosures, opt-outs, and much more. We also review your stated privacy practices and policies. The TRUSTe team uses a combination of methodologies including a manual evaluation of your privacy practices by our team of privacy analysts, company interviews and on-site engagements, and digital property scanning tools.
Digital Property Scanning Tools
TRUSTe will apply our proprietary scanning technology to the applicable websites and mobile apps, providing comprehensive insight into the variety of data collection activities happening throughout your site and apps. The scan will uncover what could take dozens to hundreds of hours to accomplish manually with internal resources. You’ll find the first and third party trackers with detailed information about them including identity, location, type of tracker and URL. The scan will also shed light into the tracking technologies used, and the entire chain of tracker source (“daisy chain”). You will also get a scoring and evaluation of third party tracker severity, using a proprietary algorithm that calculates its Privacy Sensitivity Index (PSI). It will also provide insights into personally identifiable information (PII) data collection.
Data Flow Mapping
Our data mapping resources will enable you to develop detailed data maps of how personal information is collected, stored and shared, both within your organization and beyond (to third parties). Mapping helps you present, analyze and manage potentially large and complex exchanges of information. The archive lets you preserve your work, keep it up to date and share with others. While Data Maps are an important feature within the TRUSTed Assessment, they are also available on a standalone engagement.
Privacy Findings Report & Gap Analysis
We present you with a Privacy Findings Report summarizing a gap analysis between your privacy practices, and industry guidelines, regulatory requirements and TRUSTe’s own set of best practices. We also provide a set of recommendation changes for improving your privacy posture.
Risk Analysis & Management
TRUSTe analyzes your data management practices alongside relevant regulations, industry best practices and prevailing consumer expectations to identify your organization’s privacy risks and prioritize your remediation activities. Our methodology includes a broad look at all risk factors, including those introduced by service providers, vendors and other third parties. The process results in a valuable roadmap for both short and long-term risk management and strategic planning.
Recommendations & Ongoing Guidance
A CIPP-trained consultant with extensive domain expertise will personally guide you through your assessment. Our consultants are available for onsite meetings and data collection, and continue to work with you, delivering a customized presentation of findings. You will also have access to educational webinars, seminars, white papers, and research reports.
Assessment Offerings
Whether you need an EU Safe Harbor Assessment, a Privacy Impact Assessment (PIA) or a custom engagement, the TRUSTe team can help you with your data privacy management program.
Privacy Impact Assessments
Understand how business changes impact your privacy posture.Privacy Impact Assessments (PIA) focus on assessing a particular product, program or mobile app, to identify and minimize privacy risks. Depending on the specific scope of the project, deliverables may include a map describing the data lifecycle and initial drafts of key policy documents (such as internal privacy guidelines and an external privacy policy), including recommended contractual considerations for vendors/partners, and other relevant documents.
EU Safe Harbor - HR Data Privacy Assessment
Assess how you conform to EU rules for employee data transfer.EU Safe Harbor for HR Data Assessments prepares companies to verify compliance with the US-EU and US-Swiss Safe Harbor Framework. TRUSTe helps identify relevant employee data flows, assess policies and practices against the framework, and analyzes any issues concerning vendors and service providers such as payroll and benefits services. Armed with our gap analysis and remediation recommendations, TRUSTe can assist in the development of polices, training programs, and help you prepare for the self-certification process with the U.S. Department of Commerce.
EU Safe Harbor - Customer Data Privacy Assessment
Assess how you conform to EU rules for customer data transfer.The TRUSTe US-EU and US-Swiss Safe Harbor Privacy Assessment helps verify your compliance with the Safe Harbor Framework, includes alternative dispute resolution, and helps your organization get ready for self-certification with the U.S. Department of Commerce.
Learn More »
TRUSTe Data Privacy Management Services
TRUSTed Assessments is part of our Data Privacy Management (DPM) Service solutions which include assessments and a wide range of certifications. DPM Services are managed by a team of TRUSTe privacy experts who combine 15+ years of expertise, a proven methodology and the power of our industry leading DPM platform to deliver solutions to you.
TRUSTe Data Privacy Management Platform
The DPM Platform is our comprehensive, SaaS-based technology solution which is available stand-alone and also used by TRUSTe to deliver our DPM Services.
For more information, visit TRUSTe Data Privacy Management Platform.
Watch the Video »
Download Now »
Why TRUSTe
- Comprehensive Suite
- Global Presence
- Regulatory Experience
- Robust Platform
- Flexible Support
- Cost Effective
- Cross-Industry Experience
- Trusted Brand
- Learn More »