NAVIGATE: COMPLIANCE

Monitoring changes to the many legal requirements dictating the protection of personal information can be daunting, and the task of maintaining legal compliance only is getting more complicated. In addition, companies in different industry sectors and those operating in certain international markets have unique regulations, and many that overlap.  Navigate LLC can help you address the applicable requirements in a cost-effective manner, avoid regulator attention, and protect your organization’s reputation.

PCI DSS

Complying with the Payment Card Industry Data Security Standard (“PCI DSS”) can be an intimidating task. Navigate LLC can assist you in every phase of your PCI program regardless of your current state of compliance.  Services include creating a compliance road map, policies and procedures; developing and delivering PCI training; start-to-finish management of program implementation; and assessing technology alternatives.  Navigate LLC will work with you on virtually any other activity required to help your organization become PCI compliant and ensure you are able to complete a Self-Assessment Questionnaire (SAQ) or undergo a third party validation by a Qualified Security Assessor (QSA).

Compliance with State Laws

There are numerous State laws with requirements such as adhering to the PCI DSS standard to posting privacy statements on commercial websites to the relatively new but game changing Massachusetts Data Protection Regulation.  Navigate LLC can assess your current state of compliance with applicable laws and design practical remedial actions as necessary.

Data Protection Compliance Program

If you operate in markets such as the European Union, Canada, Australia or Russia there are cross-border data protection requirements that govern the collection, processing, use, transfer and security of personal information related to your customers and employees.  Navigate LLC can help you develop and implement a strategy that addresses these legal requirements in a manner that is sustainable, and without being disruptive to your business.

Health Care

The health care industry is the center of attention in privacy as a result of a mandated migration to electronic health records and a tough new update to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the HITECH Act of 2009 (ARRA Title XIII).  State and federal regulators are aggressively enforcing the new rules, and Navigate LLC can assess your compliance with the requirements and provide practical guidance to address any compliance gaps.

Financial Services

The Gramm Leach Bliley Act (GLBA) requires financial service organizations to make certain required disclosures and implement appropriate safeguards to protect customer information.  Navigate LLC can assess your compliance with GLBA and chart corrective actions as necessary.

EU Data Protection Directive Safe Harbor

If you decide to self-certify to the safe harbor established by the U.S. Department of Commerce and EU Commission, or renew your certification, Navigate LLC can help ensure that you meet the necessary privacy safe harbor requirements, that proper security measures are in place and operating effectively, and that your self-certification is defendable.