NCC Group earns recognition as Accountability Agent for APEC CBPR, PRP Systems

NCC Group earns recognition as Accountability Agent for APEC CBPR, PRP Systems

Systems enhance data privacy protections in member economies with enforceable code of conduct

SAN FRANCISCO, CA – March 30, 2020 – NCC Group, a global cyber security and risk mitigation specialist, today announced that it has become a recognized Accountability Agent in the United States as NCC Group Security Services, Inc. under the emerging Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) and Privacy Recognition for Processors (PRP) systems.

APEC CBPR and PRP are designed to enhance the protection of consumer data moving between all APEC-member economies through a voluntary but enforceable code of conduct implemented by participating countries. NCC Group is one of only a few organizations in the U.S./North America to receive this level of recognition—a major milestone in a data-driven business environment where privacy concerns will become paramount.

Through the CBPR and PRP systems, NCC Group clients can demonstrate their commitment to consumer privacy wherever data or information flows. These add to NCC Group’s already broad range of Risk Management & Governance advisory and compliance services, which include serving as an Approved HITRUST External Assessor Firm, FedRAMP Third Party Assessment Organization (3PAO) and Qualified Security Assessor (QSA), along with comprehensive services that enable clients to address the challenges associated with the ‘alphabet soup’ of acronyms related to the wide range of industry and government mandates.

“We committed NCC Group to gaining recognition as an Accountability Agent because we clearly understand the value of APEC CBPR and PRP as ready-made, internationally recognized frameworks that ensure better protection of personal information while still enabling the secure flow of data,” said Jay Trinckes, Technical Director, Risk Management & Governance North America, NCC Group. “This is a perfect distillation of challenges and opportunities in the global digital economy, and we’re honored to be at the forefront of this movement. While data privacy is already a top-tier issue, we believe it will become even more important in the near future. We pledge to dedicate our efforts and resources to strengthen data privacy for our clients and help them protect their consumers’ data.”

While APEC is an inter-governmental forum for the 21 Pacific Rim member economies seeking to promote free trade throughout the Asia-Pacific region, CBPR and PRP help establish consistent privacy protections for all individuals, regardless of where in the region their data is processed. They were developed as voluntary, enforceable and accountability-based certification systems that ease the responsible transfer of personal data across borders and between participating economies. The movement is clearly gaining momentum: The U.S., Mexico, Japan, Canada, South Korea, Singapore, Australia, Chinese Taipei and the Philippines are already in the CBPR system, with others expected to join soon.

The Joint Oversight Panel (JOP) has confirmed NCC Group meets all necessary criteria and commended the company’s commitment to serve as an APEC Accountability Agent for the CBPR and PRP systems. The JOP Chair concluded: “After extensive consultations, the JOP is satisfied that the NCC Group meets the requirements to serve as an Accountability Agent in the United States for both the CBPR System and the PRP System, of which the United States is a participant.”

The U.S. Department of Commerce welcomes NCC Group as a partner in the APEC CBPR and PRP Systems as it joins the Systems’ Accountability Agent network. “In our increasingly digital world, data privacy is of growing importance,” said Jim Sullivan, Deputy Assistant Secretary for Services in the Department’s International Trade Administration. “By requiring legally binding and enforceable compliance with international data privacy standards, the APEC CBPR and PRP Systems help ensure that data is secured and used in transparent ways.” Sullivan went on to say that: “As data volumes continue to grow across industries and functions, and as data travels across borders to facilitate global commerce, we all benefit from increases in the capacity and diversity of service providers—like NCC Group—for monitoring compliance.”

How It Works

CBPR and PRP are designed to enable participating organizations within the member economies to develop internal operating policies consistent with specific program requirements upon which certifications are based in order to secure cross-border data privacy. Interested parties must submit a self-assessment questionnaire and supporting documentation to a recognized Accountability Agent within their jurisdiction. The Accountability Agent then works with the applicant to ensure that these policies meet the program requirements of the CBPR and PRP systems, certify compliance, and help resolve disputes with other participants in a timely manner. Individuals and consumers can trust that CBPR and PRP-certified organizations will handle their data responsibly.

NCC Group is uniquely qualified to take on the responsibilities of an Accountability Agent. The company is one of the largest and most respected privacy/security consultancies in the world, with 2,000 professionals in 35 offices and 15,000 clients worldwide. The firm’s North American Risk Management and Governance Group now features a unified organization offering world-class talent and expertise, along with a wide range of processes and methodologies, global research, tools, playbooks and more. NCC Group strongly advocates privacy by design and by default throughout all business operations and software development initiatives.

About NCC Group

NCC Group (https://www.nccgroup.com/us/) is a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape. With the company’s knowledge, experience and global footprint, it is best placed to help businesses identify, assess, mitigate and respond to the risks they face.

NCC Group has over 35 offices across the world, including key North America offices in New York, San Francisco, Boston, Chicago, Seattle, Atlanta, Austin and Waterloo. It employs more than 1,800 people and is a trusted advisor to 15,000 clients worldwide.