Privacy Assessments

Keep your data under lock and key with Sentry's suite of Privacy services. We’ll lead you through the certification process, and then we’ll help you maintain it.

The General Data Protection Regulation (GDPR) is a comprehensive data protection and privacy regulation that came into effect in the European Union (EU) on May 25, 2018.

The GDPR applies to all EU member states and regulates the processing of personal data of individuals within the EU. It also applies to organizations located outside the EU if they offer goods or services to EU residents or monitor their behavior, thereby processing their personal data.

The GDPR is based on a set of core principles for the processing of personal data. These principles include lawfulness, fairness, and transparency in data processing, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.

Supervisory authorities in each EU member state are responsible for enforcing the GDPR. They have the power to impose fines and penalties for non-compliance, which can be substantial, depending on the severity of the violation. Organizations may face fines of up to 4% of their global annual turnover or €20 million, whichever is higher.

The California Consumer Privacy Act (CCPA) is a comprehensive privacy law that went into effect on January 1, 2020, in the state of California, United States. It grants California residents specific rights regarding the collection, use, and disclosure of their personal information by businesses.

The CCPA applies to businesses that operate in California and meet certain criteria, including annual gross revenues exceeding $25 million, buying, receiving, or selling the personal information of 50,000 or more California consumers, households, or devices, or deriving 50% or more of their annual revenue from selling personal information.

The CCPA provides several rights to California residents regarding their personal information. These rights include the right to know what personal information is collected and how it is used, the right to opt-out of the sale of their personal information, the right to access their personal information, the right to request deletion of their personal information, and the right to non-discrimination for exercising their privacy rights.

The CCPA is enforced by the California Attorney General, who has the authority to bring actions against businesses for violations. In case of non-compliance, businesses may face penalties of up to $7,500 per violation. Additionally, consumers have a private right of action for certain data breaches under the CCPA.

How can we help?

We can provide you with an independent audit of your compliance with GDPR, or CCPA to provide to customers or other stakeholders. This will not only provide you with the confidence you need to interact on the protection of the healthcare information you store and process, but provide your customers and stakeholders that comfort as well.

Privacy Assessments

Ready to take your business to the next Compliance Level?

Sentry Assurance