Track record of successful privacy implementations across industries.
Thank You!
We’ll be in contact shortly.
Use our privacy seal program to demonstrate your commitment to a higher standard of privacy.
Position your organization as a privacy-forward organization.
VeraSafe’s prestigious privacy certification program assures your prospects, clients, and other stakeholders that your organization can be trusted to handle personal information responsibly. After our initial assessment and remediation, you will receive a website privacy seal to demonstrate compliance, and a detailed findings report to document your compliance. Our highly experienced privacy experts will be your privacy concierge, guiding you through the entire process.
VeraSafe Privacy Seal Program Certification Standards
The VeraSafe Privacy Seal Program brings together the privacy principles underpinning today’s global privacy laws in a single harmonized framework. VeraSafe’s experienced team of attorneys, privacy and IT experts, and project managers will guide you through a review of your organization’s privacy practices, and help implement missing controls and privacy protections if necessary to comply with the certification standard. The VeraSafe program criteria are based on prominent privacy legislation and various related frameworks, such as the General Data Protection Regulation (GDPR), the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Online Privacy Protection Act, the APEC Cross Border Privacy Rules, and the FTC Fair Information Practice Principles.
VeraSafe Certification Phases:
1. Initial Assessment Phase
VeraSafe will guide you through an information collection process that includes requests for certain documents, and your responses to one or more questionnaires or stakeholder interviews. If needed, the VeraSafe team will conduct a data mapping exercise as part of the discovery process.
-
Privacy and Data Security Review
Through the discovery and information collection process, the precise scope of your organization’s privacy certification will be defined in terms of specific information systems, business processes, or organizational units. Your VeraSafe team will identify any compliance gaps in the in-scope systems or processes.
-
Gap Analysis
A gap analysis is efficiently developed based on the discovery and information collection efforts. Remediation activities that your organization needs to execute (always with the support of VeraSafe) are tracked in VeraSafe’s intuitive cloud-based project management system.
2. Remediation Phase
Based on the information gleaned from the assessment, our team of in-house privacy attorneys and privacy and cybersecurity experts guides you through the remediation process, helping to ensure required changes are completed.
-
Preparation of Legal Documents
Rely on VeraSafe’s in-house attorneys and privacy experts to prepare or revise the legal documents necessary for compliance, including data processing addenda, nondisclosure agreements, data transfer agreements, et cetera.
-
Revise Policies and Procedures
Based on the data mapping exercise, VeraSafe will review your organization’s privacy policy and either propose revisions or draft a new privacy policy to satisfy the best-practice requirements of the Certification Criteria. VeraSafe will conduct a review of your data security policies and procedures in order to identify gaps in your existing security policy framework. To close the policy gaps identified by VeraSafe, we will provide model language for your organization to implement.
-
Vendor Management
Your service providers that process data on your behalf may be the weakest link in your privacy and data protection program. VeraSafe has a proven methodology for confirming that your vendors are able to provide adequate privacy and security for your personal data. If needed, VeraSafe will lead the process of negotiating additional data protection terms with vendors.
3. Certification and Ongoing Support Phase
Once your organization has completed the necessary privacy compliance fixes and remediation, you will achieve your certification in the VeraSafe Privacy Certification Program.
-
VeraSafe Website Privacy Seal
Display the VeraSafe Website Privacy Seal on your website and/or mobile app to demonstrate your strong commitment to privacy. Your visitors can click the attractive green trust badge to confirm your organization’s good standing in the VeraSafe Privacy Program.
-
Letter of Certification
VeraSafe provides a letter confirming your organization’s successful certification under the VeraSafe Privacy Program. This letter can help build trust and credibility with your clients.
-
Final Compliance Assessment Report
The final compliance assessment findings report documents not only that your organization is compliant with our rigorous Privacy Program Certification Criteria, but also documents specifically how your organization complies. VeraSafe clients often find this report to be valuable sales collateral to demonstrate strong data protection compliance to prospects and clients.
-
Dispute Resolution
Your organization will benefit from VeraSafe’s third-party privacy dispute resolution service, which helps your organization effectively and professionally manage any privacy complaints from your data subjects.
-
Ongoing Support and Guidance
Our privacy consultants and attorneys are available on-demand to support your organization with any privacy or data protection problem that might arise, big or small. We’re happy to help.
VeraSafe’s Outstanding Legal Project Management Methodology
VeraSafe’s tried and proven project management methodology ensures that we are able to meet tight deadlines and utilize your team’s resources efficiently. Your VeraSafe project team will include a qualified project manager responsible for managing the overall pace, organization, and efficiency of your Enterprise Privacy Certification. The project manager has the ability to draw on the resources and expertise of the entire VeraSafe team when needed to accelerate completion of deliverables.
Build trust with your audience by demonstrating that your organization is committed to a higher standard of privacy.
Why VeraSafe?
Work directly with our in-house team of US and European attorneys, IT experts, and project managers.
Strategic, risked-based approach to compliance.
Fully customizable engagement scope, tailored to fit your needs.
Holistic approach: We help you identify business opportunity hidden inside the complex world of privacy law.
Going beyond just EU privacy law, VeraSafe is your end-to-end partner for the entire privacy and cybersecurity domain.