Governance, Risk and Compliance (GRC) Solutions - Privacy Impact Assessment

By: Agiliance  09-12-2011


Concern over protection of personal identifiable information (PII) and personal healthcare records (PHR) has steadily increased privacy awareness globally. Although still lagging behind Canada and Europe, the United States has recently stepped up enforcement of personal privacy protection with the Healthcare Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). Forty-six states, including the District of Columbia, Puerto Rico, and the Virgin Islands, have all enacted breach notification laws. As HITECH extends HIPAA to a broader set of covered entities, legislation enforcement is greater than ever, and organizations need an integrated solution covering assessment, policy, and incident management to comply and manage privacy risk.


For global organizations, managing privacy compliance across the variety of country and local laws is a difficult challenge. Agiliance RiskVision enables organizations to manage privacy risks proactively by building Privacy Impact Assessments (PIA) around not just laws and regulations, but also privacy principle frameworks. RiskVision's Common Control Framework maps privacy laws such as HIPAA, HITECH, PIPEDA, and the EU Directive to common frameworks such as the Generally Accepted Privacy Principles (GAPP), the Fair Information Practices, or the ISO 22307 Financial Services Privacy Impact Assessment.

In the event of a privacy breach, Agiliance RiskVision provides organizations the tools to manage a privacy incident through its entire lifecycle. Powered by a highly flexible workflow engine, RiskVision enables identification, investigation, risk assessment, remediation, and reporting, all on a single integrated platform.

  • Other products and services from Agiliance


    Governance, Risk and Compliance (GRC) Solutions - Breach Management

    When a breach is reported, an organization needs to ensure that proper incident management procedures are followed, the right stakeholders are alerted and actively involved, documentation is captured throughout the investigation, and remediation processes are followed to ensure the proper reporting and documentation are completed post mortem.


    Governance, Risk and Compliance (GRC) Solutions - Business Policy Management

    RiskVision supports full policy lifecycle management, including a policy repository for collaborative authoring and review/approval with unique policy workflow assignments for authoring, review, approval, and distribution. By having a common set of organizational policies approved by the Board, organizations have a business policy framework that is followed by all employees, minimizing enterprise risk while complying with regulations.


    Governance, Risk and Compliance (GRC) Solutions - Continuous Compliance

    RiskVision provides out-of-the-box integration with CMDBs, automatically maps required controls to assets, and dynamically determines asset classification based on asset attributes and configuration. Periodic audit approaches to compliance leave organizations exposed, with failed controls undetected and uncorrected between audit cycles.


    Governance, Risk and Compliance (GRC) Solutions - Project Risk Management

    RiskVision makes it simple to collaborate among program offices, project teams, architecture, security and standards review boards, operations, procurement, finance, and management. In case exceptions are required, RiskVision manages the full exception lifecycle, including request, risk assessment, initial approval, and subsequent periodic re-approval.


    Governance, Risk and Compliance (GRC) Solutions - Actionable Risk

    RiskVision provides risk visibility that is role-specific, homing in on the right information for the right user, ranging from giving executives a universal risk view to presenting detailed analysis for operational analysts. Highly publicized examples of organizations with poor risk management are all over the news, including well-known companies in the financial services, energy, automotive, healthcare, and retail industries.


    Governance, Risk and Compliance (GRC) Solutions - Integrated GRC Applications

    RiskVision is the most proven GRC automation technology, with existing production environments with more than 140,000 users, more than 130,000 continuously monitored assets, and over 100 million technical checks performed weekly. RiskVision applications are scalable on a J2EE platform with open interfaces and are designed from the ground up to form a GRC automation platform, compared to consulting tools that have slowly evolved over time.