Assessments & Programs

Data Privacy Consultants | Data Governance, Mapping, PIA, DPIA, MS DPR, EU Cloud Code of Conduct, GDPR, CCPA

Data - Safe & Secure

Centris is a recognized global leader in all things data – from data mapping and data privacy assessments to developing customized data privacy programs, and more. Ensuring the safety and security of your data – and your client’s data – has never been more important in today’s world of growing cybersecurity threats and increased regulatory compliance requirements. A data compromise or an actual breach can cost your company untold damages.

Our core service relating to all things data include the following:

Data Governance:

In the digital world we all live in, data is everywhere throughout your organization, your supply chain – in effect, your entire ecosystem. While knowing where your data resides – and how it’s being collected, used, shared & disclosed, stored, protected, retained, and disposed of – is no doubt important, data governance goes well beyond such measures. With Centris, we help organizations enable industry leading data governance best practices for ensuring data is organized, managed, trusted, secure, and so much more.

Data Mapping:

As an organization, it’s now more important than ever before to fundamentally understand how data resident in your information systems is being collected, used, shared & disclosed, stored, protected, retained, and disposed of.

With Centris, our data mapping assessments take a deep dive into all things data – specifically – how your organization collects, uses, shares & discloses, stores, protects, retains, and disposes of data. We utilize the following proven, four-phase data mapping process: (1). Analysis & Scoping. (2). Information Flow. (3). Reporting. (4). Remediation.

Privacy Impact Assessments (PIA):

In today’s world of consumer driven data activities, organizations need to be well aware of the impact of the privacy of an individual’s data that is being collected, used, shared & disclosed, stored, protected, retained, and disposed of. Not to be confused with data mapping or Data Protection Impact Assessments (DPIA) – they have their own specific requirements – a PIA is undertaken to ensure the concept of ‘Privacy by Design’ is built into the organization’s overall philosophy regarding the safety and security of an individual’s data.

Data Protection Impact Assessments (DPIA):

Under the GDPR, a Data Protection Impact Assessment (DPIA) is required if certain conditions - per the actual GDPR law - are met. Centris has helped organizations all throughout North America – and Europe – with data privacy measures by performing DPIA’s as needed. We have expertise in almost every business industry and sector throughout the world.

GDPR Assessments:

The General Data Protection Regulation (GDPR) is without question a watershed moment in the world of data privacy and regulatory compliance, especially for U.S. companies. Centris offers GDPR Gap Assessments for organizations all throughout North America seeking assistance with what’s arguably the most demanding and comprehensive data privacy regulation in the world. Our process is efficient, comprehensive, yielding measurable results you can use when building a comprehensive data privacy program.

CCPA & CPRA Assessments:

The California Consumer Privacy Act (CCPA) is landmark privacy legislation enacted to give consumers greatly enhanced privacy rights and protection clauses within the state of California. Centris offers CCPA & CPRA gap assessments for businesses seeking assistance with what’s arguably the most demanding and comprehensive data privacy regulation in the United States.

International Privacy Assessments:

Canada, Australia, even China – and dozens of other countries – have imposed strict rules and regulations relating to the broader topic of data privacy. Much like our services for GDPR, CCPA & CPRA, Centris offers a wide-range of solutions for helping organizations assess how their data is being collected, used, shared & disclosed, stored, protected, retained, and disposed of. If you’re doing business overseas and need assistance in understanding today’s growing data privacy laws, Centris can help.

U.S. State Privacy Assessments:

Almost every state is now following in the footsteps of California in developing comprehensive laws regarding an individual’s data privacy rights. In the near future, it’s quite possible that every state will adopt meaningful data privacy laws, and when this happens, organizations need to be prepared for such changes. Centris can assist organizations by offering a wide-range of privacy assessment services, from gap assessments to developing well-written privacy programs, and so much more.

MS DPR Assessments:

Per Microsoft, “The Microsoft Supplier Data Protection Requirements (“DPR”) apply to each Microsoft supplier that Processes Personal Data or Microsoft Confidential Data in connection with that supplier’s performance (e.g., provision of services, software licenses, cloud services) under the terms of its contract with Microsoft.” When reading the details of the MS DPR document, it’s full of requirements pertaining to data subject rights and information security.

Centris offers numerous services relating to MS DPR compliance, including gap assessments, remediation services, independent reports, and more. A large part of complying with the MS DPR is contingent upon having well-formalized, documented data privacy and information security policies, procedures, and processes in place – measures that Centris can assist with.

EU Cloud Code of Conduct:

The EU Data Protection Code of Conduct for Cloud Service Providers, simply known as the EU Cloud Code of Conduct, is a framework consisting of a set of requirements for Cloud Service Providers (CSP) supported by a Control Catalog. This is important to note as the EU Cloud Code of Conduct is a voluntary instrument in accordance with Article 40 of the GDPR, but more specifically, it defines clear requirements for CSPs regarding implementing necessary measures of Article 28 of the GDPR. Centris offers gap assessments, remediation services – and more – in terms of assisting organizations with adherence to the EU Cloud Code of Conduct.

Data Privacy Programs:

Centris is a recognized global leader in helping organizations define – and document – their entire data flow life cycle in terms of how data resident in information systems is being collected, used, shared & disclosed, stored, protected, retained, and disposed of. With growing cybersecurity threats and regulatory compliance mandates challenging organizations, the time is now for developing your very own customized data privacy program. Regardless of industry, size, or location, Centris has the knowledge, expertise, and manpower for helping you with all of your data privacy concerns.

We also have years of expertise working with cyber related compliance programs, such as NIST RMF, FISMA, FBI CJIS, FedRAMP, eMASS/NISP, NIST 800-171, and CMMC.

CENTRIS

Leaders in Security & Regulatory Compliance

Risk Strategies & Methodologies

Risk management planning reduces exposure to a wide-range of issues that could have detrimental effects on a business. Not knowing, planning, or responding to risks and related issues can leave an organization with few options in combating risks when they actually surface.

CENTRIS Advisory Methods

Strategic Planning & Integration

Every organization is moving towards a digitized business model, so isn’t it time to strategize on some of the most critically important elements for your business?

Explore CENTRIS Strategies

Regulatory Compliance Experts

Build scalable, adaptable, and efficient compliance solutions for increased organizational efficiency, while also improving core InfoSec, cybersecurity, operational and data privacy controls and best practices.

Regulatory Compliance For All Industries