How prepared is your IT environment to meet customer privacy requirements?

Make compliance good for your business

A wide range of customer privacy regulations (e.g., GDPR, China’s new Cybersecurity Law, CalOPPA, New York’s newly finalized Cybersecurity Requirements for Financial Services Companies) are emerging around the globe. Many organizations will work to comply with these regulations to safeguard their customers’ data and improve the relationship with them. Others will not take the time to understand their IT priorities and comply with these emerging regulations, which may put them at risk of fines, sanctions, lost credibility with their customer base, and perhaps even lawsuits. With stakes so high, why not prepare now? Choosing the right strategy can be good for your business, your customers, and your bottom line.

By answering a few simple questions in less than 15 minutes, you can gain a much richer idea of your greatest opportunities for safeguarding your customers’ data and take your first step toward a long-term strategy.

Your results will be presented in a visual manner, outlining eight use cases where technology can play the greatest role in helping you protect your customers’ privacy. These use cases will be ranked on a sliding scale, to help you determine your organization’s roadmap for meeting these requirements over the long run.* These technology use cases generally fall into one of three categories:


"Governance" measures the processes for the appropriate discovery, collection, storage, processing, and securing of personal data. It starts with an "inventory" of the data and then sets the rules and policies the organization will enforce in order to protect this data through its lifecycle.

Data lifecycle management

"Data lifecycle management" measures the organization’s ability to apply and enforce the policies set in the governance stage, as well as deliver access to certain information, consistent with privacy regulations, for use in legal, compliance, and business-related activities.


"Security" measures an organization’s ability to protect the confidentiality, integrity, and availability of personal data. Besides data protection, it also analyzes the operational capabilities to deliver data breach notifications (as well as data breach prevention) by means of application security testing and enforcement of data processing applications, systems, and services from their design to production stages.

Important information / disclaimer

Technology Readiness Assessment for Safeguarding Customer Data is an assessment of technology and process capabilities of an organization that can support / increase the level of compliance and capability for meeting privacy requirements, but it does not constitute legal advice nor complete or comprehensive assessment against any regulation.