Almost all businesses now need someone who oversees their data practices, but not all business have the employee resources to handle all aspects of this key compliance issue. We solve this problem by acting as your outside CPO for some or all of the following needs. By using CPO on Demand™ you receive access to experienced privacy professionals who can help as little or as much as needed, without the cost or commitment of hiring a full internal team.
- Privacy by Design: Working with engineering and product teams to consider privacy and data security issues for new products and services and to build in compliance from the start.
- Global Privacy Counseling: We work with clients to address compliance in non-U.S. jurisdictions, coordinating and working with local counsel as needed. We can serve as your solution – or part of your solution – for having the required DPO under GDPR. We address cross border transfers, required disclosures, obtaining registration or prior authorization where required, participation in the Privacy Shield program, and draft data transfer agreements using EU-approved model contracts.
- Internal Policies: We work on privacy and data security policies that govern the internal use, sharing, storage and securing of data. We also assist clients in obtaining third party audits, working with consultants, and obtaining 3rd party seals and certifications.
- Consumer and Other External Policies: We draft external facing privacy policies and other consumer disclosures and consents. We also assist in implementing updates to these policies and counseling the business team to ensure continued compliance with these policies.
- Contracts: We draft and negotiate contracts or specific provisions in contracts to address data security, data collection and data sharing issues.
- Liaison with CIO or CSO: We coordinate all aspects of compliance with the technology team, including ensuring that the necessary legal documentation is in place with regard to internal controls and data security.
- Training and Awareness: We conduct training sessions to assist our clients in ensuring ongoing compliance with the law and their own policies with regard to data.