MANAGED Privacy Compliance
Modern privacy regulations such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) have added layers of complexity to the business operations of companies that process personal information. Compliance with these regulations is often mandatory and the costs of non-compliance can range from penalties to diminished organizational reputation and lost business opportunities.
Unfortunately, ensuring compliance with CCPA and GDPR can be difficult and expensive. Obligations including creating data inventories and maps, recording personal information and processing activities, responding to regulator inquiries, and knowing when and how to respond to consumer requests can be difficult to navigate. These problems are further complicated by the scarcity of skills and experience in meeting the requirements of these privacy laws.Learn about our solution.
For businesses facing these challenges, Vicis Law’s Managed Privacy subscriptions are designed to make life easier. By outsourcing specific privacy compliance functions, organizations are able to relieve themselves of the internal burden of maintaining compliance and leverage Vicis Law’s resources and experience dealing with these complex regulations. Our Managed Privacy subscriptions enable our clients to meet the daily demands of CCPA and GDPR without significant up-front investment or effort while maintaining cost certainty.
HOW We Can Help
We can help with CCPA and GDPR compliance whether your company is beginning its compliance journey or already has a fully-formed privacy compliance program and simply seeks to outsource specific privacy functions.
For businesses starting CCPA and GDPR compliance, a thorough assessment is needed to determine how these regulations affect your organization’s operations. Our CCPA Readiness and GDPR Readiness services are designed to kickstart your company’s CCPA and GDPR compliance program. During a Readiness engagement, we will examine your organization’s data processing workflows, identify CCPA or GDPR compliance gaps, and advise on how to become compliant.
If your business has already determined how CCPA and GDPR applies to its operations and wants to ease its privacy compliance burden, a Managed Privacy subscription may be right for you. To help companies meet day-to-day compliance obligations, Vicis Law has developed a managed service that relieves organizations of the internal burden of complying with specific requirements of CCPA and GDPR. We offer this service as an ongoing monthly or annual subscription.
Depending on which subscription you choose, we will perform the following services for you:
- Take inventory and categorize the data your organization possesses.
- Map your organization's data flows subject to CCPA and GDPR.
- Meet GDPR Article 30 requirements.
- Manage historical data as required under the CCPA to account for the minimum 12-month lookback period.
- Track specific types of personal information to assist with managing consumer requests.
- Manage the request process including consumer request verification.
- Track requests from intake through fulfillment.
- Ensure compliance with CCPA and GDPR defined response timelines.
- Handle extension requests as needed.
- Track the number of requests received from specific consumers.
- Facilitate ”Do-Not-Sell” and opt-out requests and processes.
- Create a vendor inventory.
- Coordinate vendors for consumer requests.
- Assist with onboarding new vendors.
- Conduct vendor risk assessments.
- Identify which vendors sell or are sold personal information to comply with “Do-Not-Sell” and opt-out requests.
- Satisfy CCPA and GDPR breach notification requirements.
- Manage incident response including initial reporting.
- Communicate with regulators.
- Maintain an audit trail of incident response actions.
- Help minimize the effects of data breaches.
- Perform PIAs for new or proposed information processing activities.
- Assist with evaluating the legal basis for processing activities.
- Advise on policy updates to needed account for new processing activities.
- Counsel on Privacy by Design principles for new processing activities.
- Flag CCPA and GDPR specific risks and make remediation recommendations.
- Under the GDPR, certain organizations are required by law to appoint a Data Protection Officer (DPO).
- Our GDPR Managed Privacy Compliance services allow your organization to designate Vicis Law as your DPO.
- As your DPO, Vicis Law will fulfill all of your organization's DPO responsibilities.
- Validate your business's CCPA and GDPR compliance.
- Detail controls your company has implemented to comply with its CCPA and GDPR obligations.
- Evaluate and document privacy controls implemented by your organization to comply with CCPA and GDPR.
- Our Validation Reports are meant to be shared with potential customers and business partners.
WHAT To Expect
Curious About Pricing?
Choose the Managed Privacy Subscription That’s Right for Your Business
WHY Vicis Law
Vicis Law PC is a boutique law firm located in San Francisco, California. We specialize in assisting small and medium-sized businesses comply with privacy and information security regulations and all of our attorneys have the unique perspective of being certified privacy and information security professionals. We exist to provide exceptional services and are dedicated to doing just a few things well.
Vicis understands the hurdles companies face in today's regulatory environment. Quite often, the time and money it takes to manage privacy and information security compliance issues is a significant burden. Our solutions provide a cost-effective way to manage and stay current with compliance requirements while easing the burden on your staff.
We assist clients located across the United States, spanning industries from financial services, SaaS, data hosting, enterprise resource management, healthcare, and pharmaceuticals.
Get in touch with us to set up a consultation. Give us a call, send us an email, or use the contact form at the bottom of this page to set up a no-obligation phone consultation with one of our privacy attorneys.
Have questions or don't know where to start? We would love to hear from you and see how we can help.