Privacy & Data Protection

Doing the Right Things | Complying with International and US Data Privacy Laws and Regulations

A principles-based approach to operationalizing your compliance program for a fluid data-privacy regulatory landscape.

Many countries and an increasing number of US states have passed comprehensive privacy legislation. BRG works with clients to achieve compliance with these privacy laws and regulations, which include the European Union’s General Data Protection Regulation (GDPR), Brazil’s General Data Protection Law (LGPD), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and Korea’s Personal Information Protection Act; the US Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), and Federal Trade Commission Act (FTCA); state privacy laws, including the California Consumer Privacy Act (CCPA) and Nevada’s Senate Bill 220; and state data-breach notification and data-disposal laws.

Combining our data-privacy principles-based approach and our data-privacy model, we deliver compliant, sustainable privacy programs that not only achieve compliance with GDPR and CCPA but are scalable and flexible enough to grow with your business and keep up with this dynamic area of law. Depending on the needs of your business, BRG can provide advice and support or can serve as your outsourced privacy officer or EU data protection officer, building your program from the ground up and providing ongoing services to fulfill data-subject requests, respond to potential data breaches, and otherwise manage the day-to-day requirements of maintaining compliance.

BRG prides itself on providing intelligence that works. We begin by rolling up our sleeves and mapping your systems and processes that involve personal data, and we work from there to create a right-sized, effective program for your business. Our simple, self-correcting, and sustainable “Discover-Build-Communicate-Evaluate” model can be tailored to your specific business environment.

Discover

  • Gap assessment
  • Data and application mapping
  • Business process map
  • Multidirectional data flows
  • Identify proper program structure

Build

  • Program model
  • Register of processes
  • Data-subject request fulfillment strategy
  • Manual or application-based tools
  • Data-disposition model
  • Contract terms

Communicate

  • Policies and procedures
  • Consent and notices
  • Training and awareness
  • Risk and mitigation reporting

Evaluate

  • Metrics to establish monitoring
  • Audit data-subject access request fulfillment