Don't risk your company's reputation
A recent survey conducted by WGA shows that 31% of
public companies do not have effective safeguards or processes
in place to monitor or respond to a privacy breach or
exposure of either internal employee or consumer data.
Information
Risk Management services address threats to your
company’s value – not just its data.
Federal regulations including the Bank Secrecy
Act, HIPAA, and GLBA, and state laws such as California's SB 1386,
establish severe penalties for organizations that
fail to protect sensitive consumer and financial data.
Many require immediate disclosure of any
infractions, even if it cannot be determined that the
data accessed was used inappropriately.
The associated negative publicity often results
in a 20-30% decrease in share value within thirty days.
If your organization believes that information security and
privacy aren’t important to the company’s financials,
consider this: In 2005, ChoicePoint, a well-known consumer
information broker, saw its share price tumble from
$48
per share to just over $36 - a loss of over $300
million in market value, in the wake of news that it had not
properly safeguarded consumer data. The company
was also ordered by the FTC to pay $15 million in fines
and improve its risk management structure.
Years later, ChoicePoint
still trades well below its pre-disclosure price.
Gramm-Leach-Bliley and HIPAA
Healthcare and financial institutions have been subject
to privacy laws similar to those in effect in Europe for
several years. Many organizations, however, still do
not fully understand what is required to comply with
these laws, exposing them to large fines and other
sanctions. WGA’s team members have assisted healthcare
and financial institutions with their privacy practices
and procedures.
SB 1386 - Privacy Legislation in California
California is leading the way in privacy protection,
with over 14 such laws enacted by its legislature. One
law in particular has far-reaching implications for
companies regarding the risks of exposing personal data,
even if safeguards are in place to prevent the
exposure. SB 1386 requires businesses to notify
customers if their personal data is compromised in a
security breach or other lapse.
As a result of this
legislation, UC Berkeley spent $200,000 notifying former
students and applicants when hackers gained access to a
server containing a database with their Social Security
numbers. This was required by law, even though it
appeared that the hackers were simply using the server
for storage space, never actually accessing or
downloading the sensitive data.
Privacy Regulatory Compliance
State
laws such as SB 1386 have prompted many companies to
report security lapses that may have otherwise gone
unreported. The sheer magnitude of these breaches has
prompted other states and the federal government to pass
similar laws. The cost of notifying thousands of
customers of a security breach can easily reach hundreds
of thousands, even millions of dollars. Many companies
would not and could not operate without insurance to
protect the organization from unexpected catastrophic
loss. WGA can help protect your company’s future –
today.
How WGA Can Help
As former executives,
WGA's core practice team members were responsible for
information assurance services at multinational
financial institutions, telecommunications
firms, and other organizations where data
security and privacy were paramount. We will
assess the current environment, identify
potential weaknesses, and assist you in addressing
any areas of concern.
Gone are
the days when protecting client information was as simple as
locking your doors. Computers must be properly
secured, and even backup media must be safeguarded at all
times, including during transit to offsite storage
facilities, to ensure they do not end up in the wrong hands.
Whether you’d like independent verification of the
effectiveness of your current security and privacy controls
or you need a framework developed specifically for your
organization, you can trust WGA to provide you with the
expertise you need to protect your most valuable information
assets.
To find out more about WGA's work in this capability area, please
contact the practice.