tag:blogger.com,1999:blog-6974997875021040765.post5553022190945843857..comments2024-03-12T12:04:59.304+01:00Comments on Peter Fleischer: Privacy...?: Privacy AuditsAnonymoushttp://www.blogger.com/profile/09908660263905877338noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-6974997875021040765.post-25087800541719626242010-04-08T03:09:35.903+01:002010-04-08T03:09:35.903+01:00Peter:
I agree with you entirely about the need f...Peter:<br /><br />I agree with you entirely about the need for more independent and regular privacy auditing. Companies should be forced to "say what they do" and "do what they say." Consumer confidence can only be enhanced if credible auditors with appropriate expertise assess the claims made by companies about their compliance with privacy norms. I have often argued that there is an important role for standards authorities in this regard. I am surprised, however, that you have not come across any examples of privacy auditing services. I know that KPMG provides these services. And what about Webtrust? Maybe Google can blaze the trail in this respect? <br /><br />Colin BennettUnknownhttps://www.blogger.com/profile/15057504487284312557noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-36118155306542951582010-03-31T08:36:35.275+01:002010-03-31T08:36:35.275+01:00Yes there is a need for good quality privacy audit...Yes there is a need for good quality privacy audits & an opportunity for innovative individuals & organizations here.<br /><br />This is somewhat similar to the more established but sometimes no less haphazard environmental/sustainability/green audits. There is an ISO (14001) environmental management systems standard certification which many use to drive or guide such audits. Green audits are likely at a stage where consistent measurements of performance & outcomes are not nearly as established as say financial audits.Unknownhttps://www.blogger.com/profile/09320073284261448062noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-55778565662406674472010-03-23T23:43:03.232+01:002010-03-23T23:43:03.232+01:00Peter,
You'll be happy to learn that we start...Peter,<br /><br />You'll be happy to learn that we started providing such professional service in France four years ago - at reasonable prices, to many companies, including big ones. <br /><br />We also know at least a German company providing such service. <br /><br />And it might well appear soon on a pan-european scale as well...<br /><br />This market isn't mature yet, but starts to grow at an interesting pace...<br /><br />Best regards,<br /><br />FredFrederic Thuhttp://www.cabinet-cilex.comnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-56675970904946778432010-03-19T16:19:08.001+01:002010-03-19T16:19:08.001+01:00Very interesting post. I have two questions:
(...Very interesting post. I have two questions: <br /><br />(1) Are there really no outside businesses that combine legal, tech, and compliance expertise in one convenient (and reasonably priced) package?<br /><br />(2) How astronomical are the current fees/quotes? And is that a function of the "billable hour?"<br /><br />@AMPrivacy<br />Anthony MartinAnthony Martinhttps://www.blogger.com/profile/12440667104297230963noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-32577996935339433382010-03-18T17:55:43.702+01:002010-03-18T17:55:43.702+01:00Hey Peter. I'm doing exactly this (among othe...Hey Peter. I'm doing exactly this (among other things) with my new business BlurryEdge Strategies. http://blurryedge.com<br /><br />I've found that for companies with no legal counsel, companies who don't want to ask their high price outside counsel to use precious hours on this, or companies with just an overwhelmed GC, having someone who can give them an overview of their privacy status and things to watch out for moving forward is extraordinarily valuable. Everyone I talk to knows they need to be worried about privacy, but they do not have the time or expertise to do it themselves or significant resources to invest in a big accounting firm to do it for them.<br /><br />However for a reasonable price, thinking about privacy at the point you are first developing an architecture and a business model goes a long way!<br /><br />Happy to talk more and hear your thoughts on what a privacy audit looks like. My first two questions are: What are your current and future business models and What does your database structure look like. I never ask about the privacy policy (a clearly written one is an obvious deliverable for this type of project, not an input to it).Lauren Gelmanhttp://blurryedge.comnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-3819380034820122892010-03-18T16:05:32.966+01:002010-03-18T16:05:32.966+01:00Hi Peter,
Actually, after 9 years with Philips, I...Hi Peter,<br /><br />Actually, after 9 years with Philips, I have started my own firm (PrivaSense). <br /><br />Reviewing privacy compliance and conducting privacy impact assessments is one of my services. So if you need a name, think of me.... ;-)<br /><br />Jeroen Terstegge<br />www.privasense.nlJeroen Tersteggehttps://www.blogger.com/profile/09794331506487609007noreply@blogger.com