Tueoris provides the expertise to assist your organization in preparing to meet the Privacy Shield Principles and certify with the Department of Commerce for the Privacy Shield program.
General Data Protection Regulation (GDPR) Readiness
GDPR went into effect in May 2018 and impacts businesses expanding into the EU. Businesses operating in the EU must comply with the GDPR requirements for heightened safeguards surrounding personal data of EU residents or organizations.
Now is the time to start your preparations to operate under in the EU and become GDPR compliant. Tueoris has the professionals and the hands-on experience to help you establish and operationalize a program that meets both GDPR requirements and your business needs. From assessing the current state of your privacy program, to creating a roadmap toward your expansion to the EU, and through to operationalizing required components, our professionals will get your business positioned to meet GDPR compliance obligations.
California Privacy Rights Act (CPRA) Readiness
CPRA goes into effect on January 1, 2023 but applies to personal data collected after January 1, 2022. CPRA reaches across California borders to impact organizations processing personal data of California residents, no matter where those organizations are located.
Now is the time to start your preparations to operate under CPRA. Tueoris has the professionals and the hands-on experience to help you establish and operationalize a program that meets both CPRA requirements and your business needs. From assessing the current state of your privacy program, to creating a roadmap toward January 2023, and through to operationalizing required components, our professionals will get your business positioned to meet CPRA compliance obligations.
International Data Transfer Strategy and Solutions
Tueoris’ practitioners understand that the movement of personal data across international borders carries significant regulatory obligations and risks. Developing a strategy for cross-border transfers and compliance requires not only a clear understanding of the flow of data, but also the applicable regulations and available solutions. The transfer landscape is only complicated by the exit of the UK from EU (Brexit). Determining whether to rely on Consent, Standard Contractual Clauses, or Binding Corporate Rules can be a confusing exercise. Tueoris applies detailed analysis of data flows and business needs, in order to assist organizations in developing effective strategies that optimize the use of personal data in line with applicable legal, regulatory and industry requirements.
Implementation of Standard Contractual Clauses (EU and UK)
Including development of playbooks for legal and procurement and collaborating with legal/contracts team to identify existing and new vendors for which SCCs may be appropriate or necessary.
Transfer Impact Assessments
Where transfers of EU resident personal data are planned or taking place, Tueoris can support the drafting of required TIAs using its proprietary risk framework to develop full transfer impact reports.
Intra-Group Data Transfer Agreements
Tueoris supports the design and implementation of Intra-Group Data Transfer Agreements based on a foundation of SCCs that meets legal requirements and your business needs.
Privacy Program Development
A privacy program consists of the organization, processes and procedures, and technology to ensure business wide protection of personal data. Tueoris has extensive experience developing privacy programs for small, medium and large organizations. Our team tailors the program based on the appropriate regulating authority, compliance and budget of each client.
For organizations seeking support in standing up a privacy program, Tueoris can help build and maintain a program based on leading standards and best industry practices. Our services range from affordable “privacy in a box” packages of templatized program documentation, to provision of full support in developing and operationalizing robust privacy programs designed to meet business needs and limit risks associated with the collection and processing of personal data.
Tueoris uses a highly efficient methodology to create data maps that will provide your internal and external stakeholders with the information they need to manage personal data and associated risks.
Your privacy policies and procedures are only as good as the adoption by your employees. Tueoris provides training that effectively communicates not only the actions your employees must take when handling personal data, but also the reasons driving the required behavior.
Our training services range from developing customized enterprise training content to the delivery of standalone modules that cover a full range of privacy and data protection rules, regulations and enterprise program requirements. As required to meet the unique needs of your business and employees, we will provide training experts to deliver live onsite training or provide online training modules that can be viewed on an on-demand basis.
Privacy Impact Assessments (PIAs)
At Tueoris, our team has extensive experience drafting Privacy Impact Assessments for a variety of our clients. We can help your business assess its privacy risks by building and developing PIAs in automation tools (E.g.: OneTrust; TrustArc; WireWheel) or spreadsheets. Tueoris will work with your business to develop appropriate procedures after the creation of a PIA.
Tueoris can assist on the management of PIAs by training your associates when to submit PIAs, managing intake and review of PIAs, as well as conducting follow up interviews after receiving PIAs.
Privacy Organizational Development
Tueoris can help your business meet its privacy needs by assisting in the creation of a privacy team or assessing your existing privacy team. We will provide recommendations of specific areas where changes can be implemented, giving you the tools to better plan for future hires, increase the effectiveness of those currently employed, and ensure the successful future of your business as a whole.
The Tueoris team includes consultants with years of OneTrust implementation and certified OneTrust Professionals. Areas of expertise include Assessment Automation, Data Mapping, Data Subject Requests, Cookies Compliance and Vendor Risk Management.