FULL RANGE OF EY PRIVACY & DATA TRUST SOLUTIONS

Privacy Compliance and Governance Services Privacy & Data Trust Operations Services Privacy Continuous Improvement Services
Privacy Compliance Assessments Business/System Process Management/Data Inventory Cultural Evolution Training
Privacy program compliance assessment focused on 15 key privacy capabilities: • Map business and system process flows to build data processing inventory Leadership Data Trust Mindset & Behaviors
• Governance • Perform data discovery and classification on high risks data sources • Impact of risk exposure and customer strategy
• Data privacy and Accountability • Embed privacy and security mindset throughout organization
• Data privacy notifications Privacy Impact Assessment Manage Services • Rapidly respond to threats and influence others
• Breach & Incident Management • Privacy impact assessments on high-risk business processes to identify • Prioritize business continuity, brand, and growth
• Data privacy risk & controls framework and remediate privacy risk
• Training Awareness & Cultural Evolution On-the-job behavioural Training
• Operations Data/Records Retention and Destruction • Go-to experts and advocate for data privacy
• Business process/system flow mapping/Data Inventory • Review and/or development of data and records retention schedule • Educating employees and staying close to best practices and compliance
• Privacy impact assessments • Implementation of solutions to help automate data retention and • Trusted resources supporting changing privacy laws
• Retention & destruction destruction schedules
• Data subject requests & Complaints Management Meaningful Disclosures
• Data Portability Transfer Impact/Vendor Privacy Assessments Manage Services Strategy to revolutionize the way consent and transparency is presented
• Use of personal data Perform transfer impact assessments where personal information is stored or throughout the customer journey including just in time notices, interactive tools,
process outside of the applicable jurisdiction to assess what safeguards are in place customized mobile interfaces and purpose statements.
• Conditions for processing to protect from unauthorized access including government surveillance laws.
• 3rd party management Privacy Certification
• Security safeguards Consent/Cookie Management
• Consent & Cookies Management • Readiness assessments for privacy certifications such as NIST, ISO27701,
• Strategy to identify, scan, categorize, block and publish 1st party cookies SOC Privacy domain
• Data Analytics and the Ethical Use of Data
• Strategy to develop data insight solutions without the use of 3rd party cookies • Attestation for privacy certifications such as NIST, ISO27701, SOC Privacy
domain
Privacy Program Development Privacy Enhancing Technologies
Develop a privacy program which includes the following components: Development of a data analytics strategy that incorporates de-identification
• Governance techniques, PETs or data synthesis.
• Team Structure & Roles/Responsibilities
• Internal/External Privacy Policy/Notice Zero Trust Security Architecture
• Privacy Impact Assessments (PIA) Methodology Pre-requisite Business/System Process
Implement least privacy access model on all verified people, devices and
connections to ensure only authorized sources access the data. Management/Data Inventory
• Data Classification/handling
• Data Retention Schedule Strategy includes the use of appropriate
• Data Subject Request Process Privacy by Design (PbD) for Products and Services tooling/technology
• Privacy Incident Management Policy Development of key privacy controls and functionality that can be embedded
• Regulatory Reporting Policy during the design phase of products and services to reduce privacy risks and
• Consent/Disclosure Policy increase trust generation.
• Cookie Management Policy
• Outsourcing/Cross Border Policy Cloud Migration Privacy Impact Assessments (PIA)
• Privacy Compliance Awareness & Training Perform PIA on cloud migration strategies to ensure privacy risks and data trust
• Privacy Controls Framework/Risk Management optimization opportunities are addressed during the design phase.
• Privacy Research
• Complaints Management