Implements compliance with South Africa''s Protection of Personal Information Act (POPIA), Act No. 4 of 2013.
Handles GDPR Art. 10 criminal conviction and offence data classification including official authority requirements, national law derogations, and comprehensive register…
Guides compliance with Australia''s Privacy Act 1988 including the 2024 reform amendments. Covers automated decision-making transparency, children''s privacy code, individual…
Cloud service provider privacy assessment framework. Covers ISO 27018 cloud privacy controls, CSA STAR certification, SOC 2 Type II evaluation, shared responsibility model…
Implements Sigstore-based software signing and verification using Cosign keyless signing, Rekor transparency
Implements HIPAA Privacy Rule requirements under 45 CFR §164.500-534 for covered entities and business associates.
Virginia Consumer Data Protection Act (VCDPA) compliance implementation. Covers 5 consumer rights, controller obligations, processor requirements, opt-in for sensitive data, data…
Integrating Global Privacy Control (GPC) signals with cookie consent platforms. Covers GPC signal detection in browsers, automatic opt-out triggering, mapping GPC to US state…
Implements Children''s Online Privacy Protection Act (COPPA) compliance under 16 CFR Part 312. Covers verifiable parental consent methods including signed forms, credit card…
Conducts comprehensive inventory of protected health information across the enterprise per HIPAA Security Rule requirements at 45 CFR §164.308(a)(1)(ii)(A) and §164.310(d).
Colorado Privacy Act (CPA) compliance implementation. Covers universal opt-out mechanism required since July 2024, profiling opt-out rights, sensitive data consent requirements,…
New Jersey Data Privacy Act (NJDPA) compliance, effective January 15, 2025. Covers consumer rights (access, correction, deletion, portability, opt-out), controller obligations,…
Detect NTLM relay attacks through Windows Security Event correlation by analyzing Event 4624 LogonType 3 for
Conducts Privacy Impact Assessment for large-scale systematic monitoring under GDPR Article 35(3)(c).
Implements GDPR Art. 22 automated decision-making and AI Act Art. 14 human oversight requirements for AI systems.
Analyzes UEFI bootkit persistence mechanisms including firmware implants in SPI flash, EFI System Partition
Identifies and classifies GDPR Art. 9 special category data including racial origin, political opinions, religious beliefs, trade union membership, genetic, biometric, health, and…
Guides audit findings remediation program management including finding prioritization by severity (critical, high, medium, low), owner assignment, remediation planning, deadline…
Implements GDPR Article 12 transparent information and communication requirements, covering concise, intelligible, and plain language obligations, response timelines, fee and…
Coordinates credit monitoring and identity theft protection services for individuals affected by a data breach.
Guides the post-Schrems II Transfer Impact Assessment process following EDPB Recommendations 01/2020 six-step methodology.
Addresses HIPAA privacy and security requirements for health data interoperability under the 21st Century Cures Act, ONC Health IT Certification Program, and CMS Interoperability…
Conducts Privacy Impact Assessment for health data processing under GDPR Article 9, HIPAA, and sector-specific health privacy regulations.
Montana Consumer Data Privacy Act (MTDPA) compliance. Lowest consumer threshold at 50,000 consumers. Covers sensitive data consent, universal opt-out recognition, consumer rights,…
Guides the periodic DPIA review lifecycle including trigger identification for regulatory changes, new data categories, technology changes, and breach incidents.
Manages Data Subject Access Request procedures for employee requests under Art. 15 GDPR. Covers scope of disclosable HR records, emails, CCTV footage, performance reviews,…
Implementation guide for CNIL cookie guidelines compliance. References the EUR 150M Google fine and EUR 60M Meta fine.
Automates the Privacy Impact Assessment (PIA) workflow including data flow mapping, privacy risk scoring matrices,
Guides compliance with Japan''s Act on the Protection of Personal Information (APPI, 2022 amendments).
Integrates Records of Processing Activities with privacy management platforms including OneTrust, TrustArc, Collibra, and DataGrail.
Manages RoPA for complex multi-entity corporate groups including entity-level versus group-level records, intra-group transfer documentation, and shared processing coordination.
Processes GDPR Article 16 right to rectification requests, covering verification of corrected data accuracy, notification to recipients under Article 19, timeline management, and…
Manages direct communication to affected data subjects following a personal data breach under GDPR Article 34 when the breach is likely to result in a high risk to their rights…
US state privacy law applicability assessment tool. Evaluates revenue thresholds, data volume thresholds, business exemptions (GLBA, HIPAA, nonprofits), employee data carve-outs,…
Guides implementation of technical, contractual, and organisational supplementary measures for international data transfers per EDPB Recommendations 01/2020.
Guides managing conflicting privacy requirements across jurisdictions. Covers data localisation vs transfer freedom, consent standards variation, age thresholds, breach timelines,…
Hunt for DCOM-based lateral movement by detecting abuse of MMC20.Application, ShellBrowserWindow, and ShellWindows
Manages HIPAA Business Associate Agreements under 45 CFR §164.502(e) and §164.504(e). Covers required BAA provisions, business associate vs subcontractor obligations, breach…
Guide for mobile-specific consent management covering Apple ATT framework for iOS, Android permission model, in-app consent flows, SDK consent propagation to third-party…
Implements GDPR Article 8 parental consent verification for information society services offered to children.
Guides management of cross-border data transfers under Asia-Pacific regulatory frameworks including APEC CBPR, ASEAN Model Contractual Clauses, Japan APPI supplementary rules,…
Oregon Consumer Privacy Act (OCPA) compliance. Unique provisions for de-identified data requirements, employee data partial exemption, nonprofit applicability, 14-day cure period,…
Vendor certification acceptance criteria and equivalence mapping. Covers ISO 27701, SOC 2 Privacy, APEC CBPR, EU Code of Conduct evaluation, certification scope analysis, gap…
Guides implementation of GDPR Article 42-43 data protection certification mechanisms including accredited certification bodies, criteria development, and periodic review.
Guides DPIA for health and medical data processing covering Art. 9(2)(h)-(j) exemptions, HIPAA crosswalk for transatlantic operations, clinical trial data protection under EU CTR…
Guide for managing consent for children's personal data under GDPR Article 8 and COPPA. Covers parental consent mechanisms, age verification methods, country-specific age…
Handles GDPR Article 21 right to object to processing, including compelling legitimate grounds assessment, ceasing processing obligations, documentation requirements, and the…
Implements external attack surface management (EASM) using Shodan, Censys, and ProjectDiscovery tools (subfinder,
Framework for evaluating and selecting Consent Management Platforms (CMPs). Covers TCF v2.2 certification requirements, Global Privacy Control support, multi-regulation compliance…
Deploys DNS, HTTP, and AWS API key canary tokens across network infrastructure to detect unauthorized access
Executes breach notification under HIPAA Breach Notification Rule (45 CFR 164.400-414). Covers 60-day individual notification, HHS/OCR reporting for breaches of 500+ individuals…
Manages GDPR Article 22 rights related to solely automated decision-making and profiling, including identification of automated decisions, meaningful human oversight…
Automates SOC 2 Type II audit preparation including gap assessment against AICPA Trust Services Criteria (CC1-CC9),
Guides development of GDPR Article 40-41 codes of conduct for industry sectors including drafting, submission, and monitoring body requirements.
Performs comprehensive iOS application security assessments using Frida for dynamic instrumentation, Objection
Guides GDPR certification mechanism implementation per Articles 42-43 including accredited certification body selection, certification criteria per EDPB guidelines, certification…
Guides privacy law change monitoring and impact assessment for multi-jurisdiction organisations. Covers regulatory tracking sources, change classification, impact scoring…
Guides appointment of GDPR Article 27 EU representative for non-EU controllers or processors. Covers criteria, responsibilities, and documentation.
Manages deletion requests for children's personal data. Covers parental-initiated versus child-initiated requests, age of capacity assessment, identity verification, scope…
Guide for managing consent for scientific research under GDPR Article 89 and Recital 33 broad consent provisions.