In August 2019, xTerraLink partnered with IBM to help support the CCPA compliance Privacy Program.
xTerraLink recently selected and awarded a contract with California Department of General Services.
xTerraLink was awarded a California State Board of Equalization enterprise wide independent security architecture assessment contract. xTerraLink's unique Information Security and Privacy Assessment Framework coupled with its experience edged xTerraLink over its closest competitor.
In Sep. 2015, xTerraLink's President was part of a subject matter expert panel on information security.
In Aug. 2015, xTerraLink was awarded a contract with the California State Auditor.
In February, xTerraLink's President and CEO co-presented with Ms. Joanne McNabb, Director of Privacy Education and Policy, on security breaches and HIPAA privacy and security compliance at the Midwinter Sacramento District Dental Society.
In Feb. 2015, xTerraLink was awarded a subcontract agreement with the State Compensation Fund to help support the Fund's Information Security Program.
About xTerralink Privacy Program - A successful privacy program is a complex undertaking. The privacy team needs to stay abreast of regulatory and statutory changes, watch for potential threats from both external and internal sources, assure compliance in existing or emerging business practices, respond to stakeholder inquiries, and provide privacy leadership to their organization, to name just a few of their myriad responsibilities. With this many balls to keep in the air, how can you quickly explain the key attributes of a successful program?
At xTerralink, our team will help you in building your Privacy program including but limited to:
To establish a comprehensive Privacy Program, the initial step that must be taken is to conduct a Program Assessment that includes a gap analysis (“Assessment”). The Assessment begins by mapping and evaluating the regulatory implications by which your organization must comply with. For example, if you are an organization that falls under the purview of the California Consumer Privacy Act (CCPA), then you must align your privacy program to meet such regulation. If your organization on the other hand is a healthcare organization, then your organization must adhere to the Health Insurance Portability Accountability Act (HIPAA). On the other hand if your organization is a state entity, then the state entity must comply with the State’s Information Privacy Policies that are published as part of the State’s Information Security and Privacy Program. The Assessment includes the Privacy Standards that are published as part of industry know frameworks (e.g., National Institute of Standards and Technology “NIST”) and measuring the organization’s policies and standards practices to known standards. The outcome of the Assessment includes detailed recommendation for how the organization will achieve compliance. Additionally, and as part of the Assessment, a compliance plan that includes a roadmap and strategic initiatives to help guide the organization to achieving privacy compliance methodically.
A Privacy Program must comprehend the complexity associated with the requirement of the program. A Privacy Program includes but not limited to the following components:
Whether your organization is building a new or updating/refreshing its Privacy Program, xTerraLink has the appropriate methodology to quickly stand up program for your organization and help you with processes that monitor the program.
Regular privacy awareness training is considered a common reasonable safeguard to protect sensitive information and the reputation of the business entity that collects or sells information. Privacy awareness training can help prevent breaches or help the organization’s employees to spot and stop the breach quickly. xTerraLink offers a comprehensive security awareness training that is easy to follow and includes but not limited to the following areas:
Security awareness training is a formal process for education employees of the organization about computer security and good computer hygiene/practices. Regular training is particularly necessary in organizations with high turnover rates and those that rely heavily on contract or temporary staff. xTerraLink offers a comprehensive security awareness training that is easy to follow and includes but not limited to the following areas:
Additionally, xTerraLink offers a secondary security awareness module tailored for the Information Technology professional. The module includes but not limited to the following areas:
If you have questions or need assistance with building and/or enhancing your Privacy Program, please click the Learn More button below to reach out to one of our xTerralink team member.Learn More