Resources

Clarip and Wolf & Company Partner to Develop Data Security and Privacy Program

Challenge

A pharmaceutical company was struggling with developing a privacy program that complied with state, federal, and international privacy laws.

  • Despite various exemptions for healthcare/medical data, several healthcare and privacy data regulations did apply.
  • New state laws granting consumers rights over the collection and use of their personal health information (PHI) meant developing a system that allowed them to exercise their corporate legal rights and provided the necessary disclosures.
  • The company also needed help with developing internal policy and procedures, website privacy policy, and vendor management tools and techniques.

Solution

Wolf conducted an enterprise-wide gap analysis to document where the program currently stood and where it needed to be. Wolf partnered with Clarip, a privacy and data governance platform, to meet their needs. Solutions included:

  • Acceptance and tracking of data security access rights (DSR) requests
  • A Do Not Sell function built into its website alongside a cookie tracking system
  • Internal policy and procedures development, including website privacy policy
  • Strengthened the vendor management program’s data privacy policies
  • Data mapping options offered by Clarip

Locating and identifying personal health information (e.g., PHI) inside
and outside of structured software applications is hard but no less critical. Our collaborative partnership with Clarip made visible what was hidden, and privacy risk managers can now develop process to keep private information secure."

Mike Cohn, CPA, CISA, CERP

Principal

Wolf & Company, P.C.

Result

Building a privacy program requires a multi-pronged approach — in this case both a technology and consulting solution. The relationship between Clarip and Wolf made this possible. Wolf & Company’s Strategic Management Services group, known as vSuite, provided privacy program review, gap analysis, policy and procedure development, and virtual Chief Privacy Officer services. Wolf used the data from Clarip’s software to develop, plan, and facilitate the implementation of operational requirements to adhere to all applicable laws and regulations.

Clarip’s Privacy Governance Platform is trusted by several Fortune 500 organizations, to comply with GDPR, CCPA, and other privacy laws. Clarip’s patented technology offers:

Data Risk Intelligence to help stop PII data leaks, visualize data flows, manage vendor risks, automate data mapping, and fulfill DSR requests

Unified consent and preference management API to help manage consent for millions across multiple channels including IoT

Just-in-Time privacy notices that offer greater transparency and improve trust