Leaders in privacy, compliance & information governance solutions

Welcome. Log in or create an account for AccessPrivacy.com

Consulting Services

Osler's AccessPrivacy service offering includes a broad range of consulting services as part of our approach to practical information management solutions.  We recognize the operational challenges that organizations  face when developing a compliant program that protects their reputation and stakeholder trust.  We offer solutions that are best-in-class, scalable and, most importantly, consistent with the unique business needs of the organization.  We help organizations implement their privacy solutions, assisting with practical strategies for corporate-wide adoption and business integration.  Our cross-sectoral experience allows us to infuse our consulting solutions with the best practices from every sector.  Some of the areas on which we provide advice and guidance are:

Data Governance

  • Program design – for both privacy and information security
  • Privacy and security Policies
  • Privacy and information security governance frameworks
  • Strategies for program adoption
  • Training and awareness  programs
  • Privacy and data-use procedures
  • Complaint management

Benchmarking/Environmental Scans

  • We conduct surveys, benchmarking studies and focus groups on behalf of clients seeking detailed knowledge of industry standards or practices.
  • Our reports include reviews of industry literature and white papers to assist clients in the development of specific strategies such as the adoption of cloud computing, test data protocols, breach notification criteria, PCI compliance, and records management.

Risk Management 

  • Enterprise risk management programs
  • The integration of privacy and security with existing risk management programs
  • Privacy risk assessments and program gap analyses
  • Privacy Impact Assessments
  • Implementing monitoring and audit programs

Breach Management

  • End-to-end breach management assistance, from identification to post-breach root-cause analysis and corrections, including interaction with applicable regulators
  • Incident response protocols
  • Breach notification methodologies
  • Assistance in managing notifications to individuals and regulatory authorities

Records Management 

  • Records management programs, including implementation
  • Retention schedules
  • Data classification
  • Secure disposal protocols
  • Offsite storage protocols
  • Equipment return, reuse and disposal protocols

Outsourcing and Vendor Management

  • Trans-border data flows - strategy and risk assessment
  • Contracting to maintain control
  • Vendor management program development, including due diligence, monitoring and auditing
  • Integration of privacy and information security functions with existing vendor management programs

Other Privacy Risk Related Areas

  • Outsourcing and trans-border data flows
  • Vendor-management, including due diligence, contracting, monitoring and auditing
  • Electronic health records - business and technical requirements, including consent and consent directives
  • Protecting privacy in mergers and acquisitions
  • Regulatory investigations
  • PCI compliance strategy development
  • Implementation - we help navigate corporate politics and organizational barriers to ensure that the right privacy policies and practices are properly implemented and become part of the culture of the organization