Today, many businesses must comply with various privacy policies, regulations, and guidelines, whether established internally, by a regulatory entity, or as a result of legislation. U.S. national laws, for example, the Fair Credit Reporting Act, the Equal Credit Opportunity Act, and the Insurance Information and Privacy Protection Act, just to name a few, have privacy provisions that apply to customer information maintained by various business enterprises. At least some of these laws place the ultimate responsibility on the Board of Directors of an institution for overseeing consistent compliance, so that there is an increasing need for a comprehensive governance process to assure the privacy of customer information across an entire business organization. For very large and geographically diverse organizations, these requirements can create a significant challenge and resource expenditure.
Historically, efforts to enforce privacy requirements have centered around separate systems and depended on the education and awareness levels of employees of the enterprise. These efforts can lack currency and are sometimes not adequately monitored and updated over time. Therefore, there is a need for an integrated process and system for efficiently enforcing privacy policies and regulations, within a business enterprise.