Call Us

US East: +1 513 401 7107

US West: +1 213 279 1055

​UK: +44 2038 802 321

CH: +41 44 585 91 15

Email Us

Stay Connected

  • Grey LinkedIn Icon
  • Grey Facebook Icon

Where We're Located

35 Rockridge, Englewood OH 45322

Copyright (c) 2019 by Allendevaux & Company LLC.  

All rights reserved.

Data Protection

Privacy Compliance and Data Protection

 

Privacy laws today continue to change and evolve. Geographic and sector protections are intended to guard against privacy violations of personal information, and most come with aggressive penalties such as Europe’s GDPR requirements due to go into effect May 2018. Failure to understand these requirements and comply with every aspect can severely impact business value and relationships, underscoring the needs for security of personal information for employees and customers alike.

 

How We Can Help

 

ALLENDEVAUX offers privacy compliance and data protection services to:
 

  • determine geographic and sectoral data privacy regulatory requirements, creating a matrix of requirements across all relevant requirements;

  • conduct a personal data inventory and a sensitive information inventory to identify personal and sensitive data of employees, contractors, customers, partners, and otherwise;

  • map personal data flows throughout the organization to understand security of personal data at rest, in transit, or processing;

  • conduct a data privacy risk assessment to benchmark current personal data security practices against requirements, generating a gap analysis that can be prescriptively mitigated;

  • design a data privacy and protection programme that addresses administrative, technical, and physical controls to meet regulatory requirements and boost the company’s competitive posture;

  • prepare certification filings for EU-US Privacy Shield Framework;

  • prepare certification filings for Swiss-US Privacy Shield Framework;

  • create a breach notification communication plan and escalation runbook in the event to ensure internal management are notified and governmental agencies are contacted with management sign-off;

  • assist with forensic investigation and ongoing compliance with the changing landscape privacy regulations, including consent degrees, state Attorney General orders in the US, agency orders, etc.; and

  • establish a compliance framework for transatlantic exchange of personal data for commercial purposes between the United States, European Union, Switzerland, Switzerland, Australia, New Zealand, and other geographies through the EU-US Privacy Shield, the Swiss-US Privacy Shield, and other instruments.