Now that you’ve completed your initial assessment, you can begin developing your data privacy and security program. Depending on the results of the assessment, you may be starting from scratch or you may have discovered that you have many of the pieces of a fully developed program already in place.
The first area we will focus on is policy creation. Policies are important because they explain your privacy practices both within and outside of your organization; they're also one of the primary things that regulators ask for and review during audits and investigations. For both reasons, it is important to have a comprehensive set of well thought out policies that fit your environment and reflect the reality of how your organization operates and what it does with your data assets.
If you'd like to retain legal counsel to assist in developing your data privacy and security program, contact us for an introduction to one of our panel counsel firms.