Services

Technology Contract Management

Privacy Compliance Management

Cybersecurity Management

Data Breach Incident Management

Privacy Legal is more than your typical managed services provider.

We provide end-to-end privacy, data protection, cybersecurity and information security strategy, management and compliance solutions for organisations and businesses of all sizes.

Because we only deal with privacy, data protection, cybersecurity and information security regulatory matters, we have deep experience and understanding of the strict regulations imposed on industries including the financial industry, payments industry, medical and health industry and more.

Our complete range of services helps keep your organisation up to date with the latest regulatory requirements.

What is the difference between privacy and cybersecurity?

In today’s digital world, it is crucial for businesses to understand the key differences between privacy and cybersecurity. The two terms are often treated as synonymous, but they are distinct concepts. While related, they are separate fields with different approaches to protecting people and organisations.

Though privacy and cybersecurity share many overlapping rules and protocols, they differ in one major way: their focus.

Both privacy and cybersecurity serve essential purposes in today’s digital landscape. It is important to understand that while privacy and security are deeply connected, they are two distinct entities. 

A comprehensive strategy should involve protecting both and should be maintained through constant review and auditing.

Privacy Compliance Tool

Our easy-to-use Privacy Compliance Tool provides a simple overview of your compliance status, plus recommendations on how to address any gaps.

Want to update your privacy posture and ensure compliance with Australian privacy laws?

Our privacy compliance service covers everything most organisations need to meet the most important privacy requirements. This service includes:

  • Detailed report on APP compliance;
  • Review and update of your Privacy Policy; and
  • Recommendations on ensuring your website complies with privacy requirements.

You’ve started on your privacy journey, and now want to improve your program?

Our privacy program maturity assessment is based on industry standards and looks at the maturity of privacy in your organisation across a number of domains. This service includes a detailed report and privacy program maturity roadmap.

Compliance Development

We work with organisations to develop supporting documentation for the organisation’s privacy, data protection, cybersecurity and information security compliance and/or regulatory drivers. This service includes a review of existing policy and procedure documents related to the organisation’s information security management program. We can also provide templates to organisations brand new to creating documentation.

Compliance Policy Reviews

It’s important to get your privacy policy right. If you don’t, you risk damage to your reputation and potential compliance issues.

Australia’s Privacy Act 1988 (Cth) requires covered organisations to have a clear and up-to-date privacy policy in place. Similar requirements exist in many other jurisdictions, including the EU, California and most APAC countries with privacy laws.

Your privacy policy should explain in simple language how your organisation handles the personal information it collects and stores. It should also provide all the information required to be provided by applicable laws.

Our team is experienced in both drafting privacy policies from scratch and reviewing and improving existing policies.

We can also help with other privacy-related policies and procedures including:

  • Collection notices;
  • Consent forms including marketing consents;
  • Cookie policies and consent banners;
  • Employee Privacy Policy;
  • CCTV Policy and procedure;
  • Workplace Surveillance Policy and procedures;
  • Data breach response Policy and procedures;
  • Privacy complaint handling procedures;
  • Data retention and deletion policies and procedures; and
  • Information security policies and procedures.

Cybersecurity Compliance Standards

We are able to assist with developing, reviewing and managing the following cybersecurity and information security compliance standards:

SOC 1 & 2
FISMA / FedRAMP
GDPR
CCPA
FFIEC, GLBA, NCUA
HITRUST
HIPAA
PCI DSS
NIST standards such as 800-53, 800-171, CSF, CMMC