Services
“Strengthen Privacy Protection and AI Governance with a committed and skilled team”
Our multidisciplinary team of experts understands the intersection between your organization’s legal obligations, growth goals, risk management, strategic planning, available resources, and technology. Our team will work with you to draft a path towards Privacy Compliance and effective AI Governance that takes into consideration the context and industry in which you operate, as well as the scope of your personal data collection and processing activities.
External Privacy Office & EU DPO
Etika Privacy can act as your organization's external Privacy Office, in Canada, the UK and Germany. Etika Privacy can also be appointed as your DPO Representative under GDPR in the EU. As an external Privacy Office, Etika Privacy's experienced team will efficiently oversee your organization's Privacy compliance in Canada and in the European Union by working in collaboration with you in managing your Privacy Protection Program to deliver your organization's Privacy compliance.
AI Governance
Etika Privacy’s AI Governance services include: AI Strategy Development, where we identify and prioritize valuable AI use cases; Current State Review and Gap Analysis, to assess compliance with AI laws and standards such as ISO/IEC 42001 and the EU AI Act; AI Risk Management, to enhance organizational policies and accountability structures, and manage AI-related risks; AI Vendor Assessments, to ensure that your AI partners meet ethical and regulatory standards.
Advice and Support
Etika Privacy can advise your Privacy Officer and Senior Management in support of your organization's Privacy and AI Governance. Etika Privacy can also provide all required policies, procedures, and tools to support your organization in meeting your legal obligations under privacy laws such as complying with the GDPR, Québec's Act 25, Canada's PIPEDA (soon to be CPPA); and AI governance obligations such as the EU AI Act, and more.
Maturity and Risk Assessment
Don't know where to start with your Privacy compliance or AI governance? Etika Privacy can perform a Maturity and Risk Assessment to identify non-compliance or gaps in your governance program, and elaborate a 3-year Strategic Implementation Plan, addressing higher risks to your organization first, so that you can achieve continual improvement of your Privacy and AI maturity overtime while investing reasonable budgets to achieve Privacy compliance and AI governance goals.
Awareness and Training
Training your employees and consultants is at the foundation of any robust organizational Privacy and AI-positive culture. Etika Privacy can provide the necessary trainings to ensure employees understand their role in protecting the privacy and personal information held by your organization. Etika Privacy has developed a general training on Privacy and AI Principles, as well as specialized trainings informing employees on: Privacy Incidents Response and Notification; Performing Privacy Impact Assessments; Negotiating Privacy Addendums, Data Processing Agreements, and Standard Contractual Clauses; AI Use Cases, AI Compliance and Risk Management.
Policies and Procedures
As privacy and emerging AI laws require the documentation of your practices, Etika Privacy can support you in the development and adoption of a Privacy Protection or AI Governance Program that meet the needs of your organization. Policies and Procedures may include: Governance Frameworks, Data Privacy Policy, Retention and Destruction Policy, Incidents Response and Notification Procedure, Impact Assessment Procedure, Anti-Spam Compliance Procedure, Data Subjects Rights Request Procedure, and Employee Privacy Policy, as well as Data Processing Agreements and Privacy Addendums.
ISO/IEC 27001 & 27701
Our certified ISO 27001:2022 & ISO 27701:2013 consultants can structure and provide effective implementation support of your Information Security Management Systems (ISMS) and Personal Information Management Systems (PIMS). Focusing on digitalization and completion of ever-changing requirements, the use of an international standard can also help to map your organization's Privacy requirements to all applicable privacy laws.
Privacy and AI Impact Assessments
Are you onboarding a new software or IT system that will process personal information or use AI? Does your organization need to perform a PIA, DPIA, or AI impact assessment? Etika Privacy has developed a simple and efficient automated software that can support you with this process.
Risk Management
Managing privacy, data protection, and AI risks is at the core of your Privacy compliance and AI governance. Our risk-based approach allows our clients to skilfully assess the probability and severity of various risks while documenting and reporting on remediation actions.
SME Privacy Compliance Package
Small and medium-sized businesses who process personal information have specific needs that require business savvy and budget efficiency! The SME Privacy Compliance Package has been structured to address your organization's first steps towards Privacy Compliance and includes Maturity and Risk Assessment, Personal Information Management Policy, Privacy Policy, Privacy Incident Response Procedure, as well as 2 annual trainings for your employees.
Other Services
- ROPA – Record of Processing Activities
- Consent strategy and management
- Data Subject Access Request
- Artificial Intelligence for decision-making
- AI Guiding Principles
- Privacy Policy for websites
- Personal Data Transfers