With data and privacy regulations such as PCI DSS, HIPAA, GDPR, and CCPA (California Consumer Privacy Act) evolving, law firms are busy helping their clients achieve privacy compliance. As many legal professionals are learning, most clients do not have a current inventory of the sensitive data that needs regulating. Firms are left developing generic policies that their clients cannot effectively implement or enforce.
“69 percent of survey respondents stated that discovering where sensitive data resides within their organization is the greatest challenge of executing a data encryption strategy.”
HALOCK’s Sensitive Data Management solution supports your privacy engagements with data discovery capabilities and information security consultation to help shape your client’s privacy strategy.
You also benefit from leveraging the service for short-term engagements, saving you significant costs and training on new tools.
Schedule a call to review how you can identify and categorize sensitive data easily and efficiently for your clients.
Reasonable Security is Now Defined
The Sedona Conference – an influential think tank that advises attorneys, regulators, and judges on challenging technical matters – just released its Commentary on a Reasonable Security Test. The Commentary is the first document of its kind that provides the legal community with a clear definition of a “reasonable” security control.
HALOCK’s Chris Cronin was a co-author of the Commentary on a Reasonable Security Test. Learn how to apply the test.
HALOCK is a U.S.-based information security consulting firm that is privately owned and has operated out of its headquarters in Schaumburg, IL since 1996. HALOCK helps clients prioritize and optimize their security investments by applying just the right amount of security to protect critical business assets while satisfying compliance requirements, social responsibility, and corporate goals.
HALOCK provides sensitive data management services for the entire life cycle – from identifying and categorizing sensitive data to assessing risk and controls for reasonable security. As principal authors of the CIS Risk Assessment Method (RAM) and board members of The Duty of Care Risk Analysis (DoCRA) Council, HALOCK offers unique insight to help organizations define their acceptable level of risk and establish “duty of care” for cybersecurity. Through this risk assessment method, businesses can evaluate cyber risk in a way that is clear to legal authorities, regulators, executives, lay people, and security practitioners.