We process Personally Identifiable Information (PII) for health-care and insurance (P&C) clients based in both North America (United States and Canada) and the European Union (EU). While working with PII data, we comply with all applicable laws of the various jurisdictions, including the U.S., Canada and the EU. Typical PII data we deal with include Social Security Numbers, Employment Identification Numbers, Driver’s License Numbers, Passport Numbers, Bank Account Numbers, Routing Numbers, and credit card numbers. In addition to handling these PII data that are applicable to the United States, we also comply with the General Data Protection Regulation (GDPR) of the European Union. Because the EU generally has more stringent regulations, we also treat Names, Addresses, SWIFT Codes, and any other information that can be used to uniquely identify individuals as PII.
Cerebra has a strict screening procedure for employees dealing with PII. We screen candidates through thorough background checks that include, among other things, drug screening, credit checks, and prior employment checks. We also employ attorneys and former banking and financial services employees who are experienced in handling PII as part of their previous work.
GDPR
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and is designed to:
- Harmonize data privacy laws across Europe,
- Protect and empower all EU citizens’ data privacy,
- Reshape the way organizations across the region approach data privacy.
GDPR reshapes the way in which sectors manage data and redefines the roles of key leaders in businesses, from CIOs to CMOs. CIOs ensure that we have watertight consent management processes in place, whilst CMOs require effective data rights management systems to ensure we don’t lose our most valuable asset: data.