Privacy Audit - A Critical Step Toward Compliance, Transparency & Trust
The landscape is currently changing for tech companies. Any company, website or app owner that provides a platform for or collects any data from the public is particularly vulnerable. What is done with the data, how it is stored, where it is stored and the verified ability to delete it and the associated internal policies and protocols are key areas of concern. A privacy audit is done for a few reasons:
- To assess readiness for introducing new privacy rights terms to customers, users, partners, suppliers, vendors and/or app developers.
- To manage a crisis, bringing in an objective third party is a step toward restoring public confidence.
- To validate existing internal audit, policies and procedures for compliance.
Following is a brief summary of how Intuitive Edge approaches a privacy audit. Doing so increases shareholder value.
The objective of an Intuitive Edge Privacy Audit is to assess a tech company's current risk and mitigation involving its contractual language. It is a review of the tech company's existing compliance with its own privacy protocol for dissemination of data mined and used by the tech company.
Intuitive Edge reviews the complete life-cycle of tech company's user data and information obtained from its operations as a start-up and into the perpetuity of the life of the information to its destruction or deletion if there is a cradle to grave protocol. Intuitive Edge determines if the data at the tech company has an indefinite life and if not, what validation of proper deletion of data can be monitored, tracked and verified with new procedures suggested and drafted by Intuitive Edge.
A detailed report is produced and presented to an internal executive team or board. The report includes observations, findings, shareholder risk and financial exposure assessment, a recommended implementation plan and an illustrated return on investment.