Privacy Impact Assessment
ChallengeConcern over protection of personal identifiable information (PII) and personal healthcare records (PHR) has steadily increased privacy awareness globally. Although still lagging behind Canada and Europe, the United States has recently stepped up enforcement of personal privacy protection with the Healthcare Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). Fourty-six states, including District of Columbia, Puerto Rico, and the Virgin Islands have all enacted breach notification laws. As HITECH extends HIPAA to broader set of covered entities, legislation enforcement is greater than ever and organizations need an integrated solution covering assessment, policy, and incident management to comply and manage privacy risk.
SolutionFor global organizations, managing privacy compliance across the variety of country and local laws is a difficult challenge. Agiliance RiskVision enables organizations to manage privacy risks proactively by building Privacy Impact Assessments (PIA) around not just laws and regulations, but privacy principle frameworks. RiskVision's Common Control Framework maps privacy laws such as HIPAA, HITECH, PIPEDA, EU Directive to common frameworks such as the Generally Accepted Privacy Principles (GAPP), The Fair Information Practices, or the ISO 22307 Financial Services Privacy Impact Assessment.
In the event of a privacy breach, Agiliance RiskVision provides organizations the tools to manage a privacy incident through its entire lifecycle. Powered by a highly flexible workflow engine, RiskVision enables identification, investigation, risk assessment, remediation, and reporting all on a single integrated platform.