Customers, staff and others entrust your organisation with their personal information. In return, it is expected that all reasonable measures will be taken to safeguard that information.
Confidence and trust in organisations that fail to protect the privacy of those whose information they hold will be undermined. This can result in long-term reputational damage and financial losses.
With a thorough understanding of the privacy implications of your organisation’s projects, practices and technologies, you can achieve alignment with best-practice privacy approaches and build trust in your organisation.
A Privacy Impact Assessment, or PIA, by elevenM examines your organisation’s projects, practices and technologies to determine their potential privacy implications.
By conducting a PIA during the planning phases of any new initiative, you can ensure privacy considerations sit at the heart of your organisation. Conducting early-stage PIAs is a best-practice approach that aligns with “Privacy-by-Design” principles. It helps avoid the need to retroactively address privacy challenges, which can be costly and time-consuming.
elevenM works with you to determine the key outcomes you are seeking to achieve, and the privacy risks your organisation faces.
Our team of privacy consultants tailor every engagement to meet the unique circumstances of every client.
You will gain a comprehensive assessment of the potential privacy implications, along with specific, prioritised remediation activities to uplift the privacy controls of the assessed project, practice or technology.
Throughout the engagement, we use specialised tools that ensure the assessment process is clear, consistent and clearly documented.
A PIA should be conducted as early as possible whenever your organisation embarks on a new project, practice or technology.
Yes, a PIA can be conducted against existing projects, practices and technologies.
However, the best practice approach is to carry out a PIA during the planning stages of an initiative and throughout the implementation phases. This way, privacy issues can be addressed early rather than being treated as an afterthought.
A PIA analyses a specific project, practice or technology, including its data flows, in order to determine whether the initiative is compliant with relevant privacy rules.
By contrast, a Privacy Capability Assessment (PCA) provides a holistic view of your organisation’s approach to privacy. It helps determine your organisation’s privacy maturity and whether your capabilities align with your privacy objectives.
We work with every organisation individually to tailor our work to your needs.