Partnering for Compliance
Legal advisory firms must guide their clients through the increasing complexities of data privacy and security requirements. HALOCK is your partner to help your clients achieve reasonable security and be in compliance – effectively and efficiently.
We collaborate with your firm to support your cyber security responsibilities. Our team will integrate with your process by focusing on the technical aspects of the engagement, starting with process inventory and data scanning.
Data Mapping & Data Inventory
- Process Mapping.
- A system and service provider inventory.
- An evidence-based asset inventory of where data is.
- Indicators to the client that information goes where they do not expect it to go.
The reporting and information resulting from these steps provide firms with a full perspective to conduct a proper interviews for a compliance gap assessment. Once that is complete, we proceed to a security risk assessment.
Security Risk Assessment
- Risk assessment criteria customized to the client.
- Duty of Care Risk Assessment.
- List of reasonable privacy and security controls.
Your client’s risk assessment will be conducted and based upon the Sedona Conference’s Commentary on a Reasonable Security Test. The Commentary is the first document of its kind that provides the legal community with a clear definition of a “reasonable” security control.
The information from the risk assessment will offer the right context for developing policies for your client. HALOCK can also support your efforts through templates and writing detailed standard or procedure documents.
Enforcement of Policies
Through security tools and processes, HALOCK can set up automated enforcement of the management of data. This could include movement of personal information or rules for discovered systems.
- Customized policies
- Powerful segmentation tools
- Sanitized environment
As this step is completed, we work together to help your client effectively manage their data privacy in their evolving business environment.
Ongoing Privacy Management
- Identify personal information that appears out of scope.
- Identify risk-based decisions to include or exclude new uses.
- Implementation of controls where risks are high, or when vulnerabilities are present – enforcement of policies.
As your partner, HALOCK manages the cyber security aspect of your data privacy engagements as an integrated process into your firm’s workflow. We can support your growing data privacy clients’ needs.
Schedule a call to learn how we can enhance your practice.