At EPG we understand that there is no such thing as a 'one size fits all' Privacy Impact Assessment (PIA) methodology. We also recognise the inherent limitations of question-driven methodologies, where more robust analytic appropaches can be both quicker and more effective. For that reason we developed the PrImA (TM) Privacy Impact Assessment approach.

PrImA incorporates the Information Commissioner's recommended PIA approach and Data Protection Compliance Checklist, but then builds on this through a rigorous evidence-based analytical approach that dovetails with the UK Government IS1 accreditation method. We typically require 5-7 working days to complete a full-scale PIA, subject to the complexity and scale of the project, and work closely with our clients to ensure that our findings deliver value across a range of areas that extend beyoind just privacy and data protection.

We can audit against a variety of baselines, and have developed our own process that is compatible with the UK Information Commissioner’s privacy audit method. We can also work against your existing audit methods, or develop new methods specifically for your organisation, and train your audit team in their use.

Please note that the Enterprise Privacy Group does not offer a ‘seal of approval’ or similar rubber-stamp of an organisation’s data privacy practices. We believe in establishing long-term commitments to best practice in privacy, and work with our clients to ensure that they can demonstrate their own best practice in this area.