Security | Privacy | Compliance Advisory

Privacy made smart | Security made simple

Supporting public sector, broader public sector, and health care organizations since 2008.

Whether you’re a government institution, hospital, health care provider, broader public sector organization , health tech startup, or small business owner, we will help you proactively identify security and privacy risks, and come up with treatments to help ensure they’re managed.

You may need a privacy or security review of a new project, a Privacy Impact Assessment, Threat Risk Assessment, or a strategic security and privacy program maturity assessment, design or implementation, we have the experience to ensure your success in managing diligence and compliance.

Contact Us

dave@smartprivacy.ca

Areas of Practice


Strategic Program Design

Implementing privacy or security programs can be confusing. What framework do you align to? What’s a framework? What’s our target maturity level? Where are we now? How do we get there? What do we need to do to get there? Once we understand what your requirements are, legally and contractually, we can design a security or privacy program that gets you where you need to be.


Privacy

The privacy landscape continues to evolve rapidly, and for organizations trying to drive change in regulated environments, that can be very challenging. SmartPrivacy is here to help ensure your programs and projects continue to meet their privacy requirements, whether its through the development of a privacy assessment for a program or project, or the direct support of privacy operations augmentation services.


Security

Security is a wide and diverse area of practice. Whether your organization requires a security maturity assessment, a project-specific security assessment, or staff augmentation services, SmartPrivacy is positioned to ensure your organization identifies and mitigates cyber risks.


Risk Management and Compliance

Approaching privacy and security from a risk-based perspective is key - whether your organization has in place an enterprise risk management program or needs one designed and implemented, we’re here to help navigate your privacy and cyber risks.

SmartPrivacy also has a good deal of experience navigating and working productively with privacy regulators, and have experience with implementing security programs aligned with the following compliance frameworks:

Freedom of Information and Protection of Privacy Act (FIPPA)

Personal Health Information Protection Act (PHIPA)

National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)

System and Organization Controls (SOC) 2 compliance audits

vCISO and vCPO Services

Are you launching a new program and need temporary leadership support to drive organizational change and build the program? CyberAware.ca has seasoned experienced teambuilders and change agents who can provide program and people leadership services.


"The future of our society is inextricably linked to the future of data protection."

– Andrus Ansip, Vice-President of the European Commission