Abstract: Methods, software, and devices for scoring performance of a plurality of privacy protection activities by an organization are disclosed. A plurality of electronic reports are received, with each report indicating that the organization performs one of the privacy protection activities and providing evidence that the organization has performed that privacy protection activity. A plurality of lifespan metrics are maintained, each measuring a lifespan for an associated one of the electronic reports, after which evidence provided in that electronic report is deemed to have expired. A score reflective of extent of performance of the privacy protection activities by the organization is calculated. The calculation takes into account the plurality of electronic reports that provide evidence that has not expired.
Abstract: Methods, software and devices for scoring privacy protection processes implemented by an organization are disclosed. Implementation metrics and evidence indicators are received from units of the organization. Implementation metrics represent extent of implementation of one of the privacy protection processes. Evidence indicators each identify an electronic document providing evidence of extent of implementation of one of the privacy protection processes. Each electronic document is associated with at least one of the implementation metrics for which it provides supporting evidence. For each particular privacy protection process, unit, applicable privacy protection rules are identified and a user interface is provided to facilitate assessing compliance of that organizational unit with applicable privacy protection rules. The user interface presents applicable privacy protection rules, implementation metrics, and the electronic documents associated with those implementation metrics.
Abstract: Methods, software and devices for scoring privacy protection processes implemented by an organization are disclosed. Implementation metrics and evidence indicators are received from units of the organization. Implementation metrics each represent extent of implementation of one of the privacy protection processes. Evidence indicators each indicate an electronic document providing evidence of extent of implementation of one of the privacy protection processes. Each electronic document is associated with at least one of the implementation metrics for which the electronic document provides supporting evidence. For each particular privacy protection process implemented by each particular organizational unit, applicable privacy protection rules are identified and a user interface is provided to facilitate assessing compliance of that organizational unit with applicable privacy protection rules.