New Tool Determines Risk and Remediation Plans Across your Business

An influx of personal data collected by businesses puts businesses in a vulnerable situation. Lack of proper management of this data could result in fines if businesses are not measuring risk and establishing controls to mitigate potential risk. Furthermore, customers demand that their personal data be respected and managed with care. That’s why TrustArc built the Risk Profile. 

Powered by the TrustArc Intelligence Engine, the Risk Profile automatically scores inherent and residual risk of various business activities. Privacy managers and business unit leaders can now access the risk information they need to know, when they need it, and in the right context.

Risk Profile capabilities include:

  • Dashboard Widget: Using a simple scoring method, privacy managers and business leaders make a determination of how many risk factors are associated with any given business activity. With a high level view and an ability to dive deep into risk factors, users get greater visibility into risk across their business — straight from the dashboard. 
  • Risk Algorithm: The Risk Algorithm covers 40+ laws across the world. This intelligence helps companies identify high risk business activities, conduct the appropriate risk assessment, calculate the risk at the business activity level, and immediately understand overall organizational level risk. 
  • Risk Evaluation Heat Map: Privacy leaders have full control to go deeper within any business activity level to further investigate risk. With an easy-to-use heat map, users can indicate the perceived inherent risk of a particular business process. Ultimately, this risk evaluation measures and calculates the inherent risk.
  • Dynamically Generated Impact Assessment Reports: Privacy owners can now manage privacy programs with the confidence that they have the right controls in place for risky business processes. By determining the number of risk factors associated with business activities, users are streamlined to an appropriate PIA. These assessments result in dynamic reports that can be used in executive meetings, audits, and other business reviews.

Use these benefits in closing: 

  • Save time by automatically calculating risk and streamlining evaluation of controls in place to mitigate such risk 
  • Easily view and control risk across your organization and within any IT system, business process, or record
  • Communicate compliance needs to other leaders with dynamic reporting

In this age, companies being agile as they fight to keep up with consumer needs while also being responsible with the use of personal data. TrustArc is committed to helping businesses make business decisions faster, leveraging privacy intelligence to do so.

Want to learn more? We’d be happy to set you up with an expert

TrustArc Partners with Alibaba Cloud

We announced our newest partnership with Alibaba Cloud (the cloud computing arm of Alibaba Group) at the IAPP Asia Privacy Forum 2017.

As data privacy increases in importance for organizations of all sizes and maturity in Asia, TrustArc saw an opportunity to partner with one of the fastest-growing cloud computing companies in the world. Both TrustArc and Alibaba Cloud believe that as organizations continue to provide excellent experiences for their customers by collecting personal data, keeping up with evolving regulations and protecting data privacy is key. Scaling a privacy program requires using a combination of privacy expertise and technology.

This strategic partnership will bring TrustArc’s privacy compliance technology to Alibaba Cloud’s growing base of customers across Asia and around the world. Alibaba Cloud will be deploying TrustArc’s Data Privacy Management Platform and TRUSTe certification services within its organization to demonstrate compliance across the organization, minimize risk and build trust.

For other organizations, TrustArc is also offering its privacy platform through the Alibaba cloud infrastructure, providing businesses in Asia with a safe and efficient way to manage privacy compliance and risks via Alibaba Cloud’s extensive global network while minimizing the need to transfer information across international borders and any corresponding regulatory requirements.

TrustArc Chris Babel said:

Our partnership with them is an important step in our mission to enhance and streamline privacy compliance on a global basis.

This partnership continues our business application integration partnerships with top Business Intelligence, Governance Risk and Compliance, Help Desk, Human Capital Management, and IT System Management Applications. Examples of those integrations are:

  • Conducting privacy assessments in the TrustArc Platform that were triggered from GRC and HCM systems (e.g., Archer, SAP)
  • Exporting assessment remediation tasks from theTrustArc Platform into service desk systems (e.g., ServiceNow, JIRA) to track project status
  • Importing asset information from IT Service Management systems (e.g., BMC Remedy) to construct data maps for privacy risk analysis in the TrustArc Platform
  • Exporting risk assessment results and program metrics from theTrustArc Platform into business intelligence systems (e.g., Crystal Reports, Domo) to produce program accountability reports

See how the TrustArc Platform can help your organization, or contact us today to learn more.

The Legacy of the Cookie Directive

Saira Nayak
Director of Policy, TRUSTe

blankPhoto Source

According to the UK ICO’s latest report into cookie compliance they have received only 550 complaints, compared with 53,000 about unwanted marketing communications. TRUSTe’s analysis of the impact of the directive revealed that the majority of users were choosing to accept advertising cookies.

So, after a year of intense discussion and compliance headaches for EU companies, what will be the lasting legacy of this legislation?

I recently asked David Smith, the Deputy Commissioner at the ICO that very question. He responded:

One of the legacies [for the EU Cookie Directive] is actually for businesses to begin to think before they adopt new technologies, or other new developments, and make sure they’re privacy friendly.
Because actually if you turn the clock back to long before the Directive, leaving cookies on someone’s property without consent or even notice appears quite wrong. You’re putting some piece of text on my system, my device, which identifies me to you. And you’re doing it without even telling me, let alone getting my consent. That doesn’t feel right even though it had become common practice. So, the idea that you should have consent for cookies is actually correct. It’s just a challenge trying to sort of retrofit and rectify the status quo.” (more…)