What Is Privacy Audit Law?
Privacy Audit Law
A privacy audit, also known as a privacy compliance audit, is an assessment tool that looks at an organization’s privacy protection policies and procedures, specifically in light of current relevant laws or regulatory requirements. The audits may be conducted by private organizations or by government agencies that are verifying a company’s regulatory compliance. In terms of privacy audit law, the FTC can conduct audits of organizations and take action when a company is improperly securing private information. Action is taken under the FTC Act, which covers unfair trade practices. Health Insurance Portability and Accountability Act audits are also conducted to ensure that providers are following HIPAA law and protecting private health information.
A company may also conduct its own privacy audit to demonstrate that the protections it provides are in accordance with industry best practices and its published privacy policy. The results of a privacy compliance audit can identify potential company liabilities.
Winston regularly assists clients in developing policies, procedures, training tools, and cross-functional programs that affect the handling and protection of a company’s data.