Assignment 3
1. Consumer mistrust. The idea of “surveillance capitalism” has captured consumers’ increasing
awareness that their data is bought, sold, and used without their consent.
2. Government action. Federal lawmakers are moving to curtail the power of big tech.
3. Market competition. This is a remarkable confluence of forces, and they are converging
towards a clear endpoint where individuals will soon exercise full control over their personal
data.
Established companies already suffer from a series of internal tensions over
customer data. The new data economy won’t tolerate this state of affairs for long. If your
organization generates any value from personal data, you will need to change the way you
acquire it, share it, protect it and profit from it.
Our new rules of the data economy are fairly straightforward, all of them derived from the basic
principle that personal data is an asset held by the people who generate it. But each rule entails
the breaking of entrenched habits, routines and networks.
Rule 1: Trust over transactions. This first rule is all about consent. Until now, companies have
been gathering as much data as possible on their current and prospective customers’ preferences,
habits, and identities, transaction by transaction — often without customers understanding what
is happening.
Rule 2: Insight over identity. Companies routinely transfer large amounts of personally
identifiable information (PII) through a complex web of data agreements, compromising both
privacy and security.
Rule 3: Flows over silos. This last rule flows from the first two, and doubles as a new
organizing principle for internal data teams. Once all your customer data has meaningful consent
and you are acquiring insight without transferring data, CIOs and CDOs no longer need to work
in silos, with one trying to keep data locked up while the other is trying to break it out. Instead,
CIOs and CDOs can work together to facilitate the flow of insights, with a common objective of
acquiring maximum insight from consented data for the customer’s benefit.
The end of the old personal data economy will not spell the end of its value creation and wealth
generation; that wealth will just be distributed better and more equitably, and carry fewer privacy
and security risks. People will not hoard their data assets. Instead, they’ll invest them in
companies that provide them with a return in the form of more and better personalized services.
To implement a best-practice approach to data privacy and security, define the
standards to which the organization will adhere and strive to follow. A good policy protects
customer, employee and third-party data.
1. Understand What Data You Collect - To start, take a step back and determine what data is
captured by your company and whether any of that can be deemed non-essential.
2. Limit Data Access - Only the people in your organization that need to have access to data
should be able to do so.
4. Establish Data Approval Layers - Restricting data access makes it easier for you to pinpoint
and isolate how data leaks happen.
5. Regularly Review Third-Party Software - Aging software systems represent weak points in
your overall data security plan.
6. Invest in Anti-Malware Apps - Make sure all devices that have the ability to access data are
loaded with the most up to date anti-malware software.
7. Establish a Data Usage Policy - Create a clear policy with guidelines, and be sure to
effectively communicate it not just to department heads, but all employees.
8. Don't Overlook Physical Security - Physical security can include requiring logins to access
sensitive information, using an NFC card to use on-site printers so you can log activity, and even
cameras to monitor employee activity in all public spaces.
9. Schedule Security Training for All Employees - Don’t assume that all department heads will
share data security best practices with their subordinates. Everyone must be trained as part of
your overall onboarding checklist.
10. Leverage the Power of 2FA - Require all corporate systems to run on 2FA access and also
routinely require passwords to be updated.
11. Overhaul Weak Passwords - Do not use any old passwords that rely on short character
strings, don’t incorporate capitals, numbers, and special characters, or use identifiable
information.
12. Shift to Secure Cloud Storage - Move all your data to cloud storage.
13. Avoid Insecure Data Sharing - Avoid the risk by shifting to secure file sharing systems
instead.
14. Automate Software Updates - Make sure that software updates are always up to date. This
includes security patches to protect against data theft or hacking.
15. Remove Old or Irrelevant Data as Needed - Once data is no longer relevant to your
business’s core tasks, dispose of it properly.
16. Perform Compliance Audits - Have a dedicated team or outsourced vendor that reviews and
ensures your business is following data protection expectations.
17. Keep an Eye on Outside Data Access - Be careful about how third-party partners are accessing
data, and make sure that they’re only using it when necessary and treating it as sensitive
information with the proper security protocols.
18. Beware of Phishing - Educate everyone on what to look out for including opening emails
from unknown senders, clicking random links, and even pop-ups.
19. Only Use Secure WiFi Networks - Remind employees to only use secure networks when
accessing company files and to avoid attempting to access sensitive information on unvetted
public networks unless they’re using a VPN.
20. Keep Passwords Fresh - Do not use the same word or phrase over and over as it increases the
risk of being hacked.
21. Leverage VPNs - Security protocols are not only for your computers but also for printers on
the LAN that aren’t password protected or covered by a VPN.
22. Review Privacy and Cookie Policies for Accuracy - If you want to stay compliant with
regulators, make sure whatever data usage is listed in your privacy or cookie policies accurately
reflects how your business uses consumer data.
23. Create Dedicated Compliance Contacts - Create dedicated points of contact for this, as well
as stand-alone email accounts to address these queries. Finally, be proactive in responding to
emails as they arise.
24. Stay On Top of Data Privacy Laws - If you can’t personally manage this, take advantage of
tools like Enzuzo’s Privacy Policy Generator to ensure that your online presence meets with legal
requirements for some of the more stringent privacy regulations in the world like GDPR,
PIPEDA, and CCPA.
25. Don’t Forget Cookie Consent - If you’re not well-versed in the varying requirements,
Enzuzo’s Cookie Consent Banner Generator creates a compliant solution in minutes and can
quickly be installed on your website.
Compliance is Critical for Corporate Success. Enzuzo is a turn-key solution that is also
incredibly flexible, allowing businesses to leverage a customizable data privacy solution that
maintains compliance while providing a robust set of tools. From managing data requests to
creating privacy policies and cookie banners that address your business’s unique needs, Enzuzo
is here to ensure that you can focus on your key business activities and not run afoul of privacy
regulators from around the world.
How to Promote Privacy Best Practices at Work
To successfully protect enterprise and customer data, data privacy must be more than just a
C-suite priority. It must make its way down to the employees who handle this highly sensitive
information regularly. In that regard, there is undoubtedly work to be done. This is especially
prevalent in a post-pandemic environment that makes data exposure and privacy violations more
common.
IT leaders need to ensure that their teams (especially their hybrid workforce) protect people’s
privacy. Employees need regular data privacy training. Today’s employees have a lot on their
minds. In addition to navigating the fallout from an unprecedented pandemic and a newly
decentralized operational environment, they have countless tasks and responsibilities that occupy
their time and attention. As a result, data privacy is not being prioritized. Leaders have an
opportunity to bolster their organization’s data privacy capacity by teaching their employees how
to protect customer data with regular data privacy training.
According to Teach Privacy, an organization that helps other organizations promote privacy
awareness in the workplace, IT leaders must answer critical questions and provide their teams
meaningful answers to questions such as:
● Why should people care about privacy?
● Why is privacy valued by the organization?
● What are the consequences of failures to protect the privacy of customers, clients and
colleagues?
● What are the consequences for the organization itself?
● What are the consequences for the individuals involved in the failure?
Employee monitoring is a powerful tool for providing employee insight without interfering with
existing workflows or overburdening teams with exhaustive reporting requirements. Employee
monitoring software allows organizations to:
● Set and enforce specific data access privileges (effectively restricting information access
and lessening the risk of a privacy violation)
● Assess data management practices (providing regular feedback on individual privacy
protection practices)
● Maintain regulatory compliance (ensuring that the latest privacy standards are always
met)
At the same time, employee monitoring also produces helpful risk-management assessments,
helping leaders identify high-risk workers and data management practices and allowing them to
update protocols appropriately.
Privacy is rapidly evolving. Many consumers now view an organization’s
data privacy reputation as a meaningful, competitive differentiator while regulatory requirements
become more expansive and all-encompassing. It is beneficial for organizations to keep up with
the latest trends, listen to customer feedback and prepare employees to evolve accordingly.
10 data privacy best practices in 2022
These days, businesses aren’t just improving data privacy protections to comply with
regulations; an increasing number of businesses recognize that stronger data privacy measures
add new business value. It can require changing mindsets, securing budgets, changing vendors,
maintaining process inventories, holding training events, adopting a privacy governance model,
new levels of accountability and more.
1. Adopt an enterprise data governance strategy - Make sure that businesses and
functional leadership approve of and support new data governance initiatives ahead of
implementation.
2. Show program value - Develop realistic goals and expectations for your business.
3. Know your data - Dispose of data that your business has but doesn’t actually need, as it
may pose undue security risks.
4. Review your data collection process - Avoid collecting data simply to have it available
for unspecified future use, as it will impose storage costs and security stress.
7. Security for backups - Always evaluate your backup storage group’s security measures.
8. Inform your clients - Providing consumers with a general overview of measures in place
to protect data can help build trust, loyalty and a competitive brand identity.
10. Ask thoughtful questions - Drive new conversations around appropriate leadership,
structure, resources and supports for addressing data privacy management.
The 8 Most Challenging Data Privacy Issues
1. Embedding data privacy - Make sure you choose tools that support your current privacy
policies, for example by making data anonymization easier.
2. Proliferating devices - Ensure you have the right data governance procedures in place.
3. Increasing maintenance costs - It helps in reducing the number of data silos, eliminating
points of friction and manual processing, and reducing the risk of human error, with more
opportunities for de-duplication, improved governance and control, and lower costs.
4. Access control is difficult in many industries - You need an effective data architecture
and strong data governance processes.
5. Getting visibility into all your data - Using tools to discover and classify your data will
ensure you can treat data uniquely and protect your sensitive data from any privacy
issues.
6. A bad data culture - build a great data culture that understands the value of data and
data privacy.
7. The ever-increasing scale of data - As cloud storage and compute costs come down,
businesses are now drowning in data. You will need a solution that can handle the scale.
8. A long list of regulations and documentation to follow - By building processes, data
modeling, and automating as much as possible, you can make it easier to handle the
complexity of different regulations.
3. Not Having Visibility Over Personal Data Collection, Use, and Sharing
Ensure you adequately disclose to your users what data you’re collecting, using, and sharing.
As businesses collect more and more personal data from an increasing number of sources, it
becomes difficult to understand each of your departments’ data processing practices.
To prevent data visibility issues from occurring, your business should perform something called
data mapping which is the practice of creating a record of personal data you hold and why.
You usually need to record all of the following:
● The types of personal data you collect
● The sources of the data (i.e., collected directly or indirectly, from whom)
● Your purposes for collecting the data
● Any third parties to which you disclose the data
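The data map described above can be kept as structured records and checked automatically. The following is an added example, not part of the original assignment or any product it mentions: it flags records missing one of the listed items and anything collected or shared that the privacy notice does not disclose. The record schema, system names and sample values are constructed assumptions.

```python
"""Data-map audit: completeness of each record plus drift against the published notice."""

# The items the text says to record. third_parties may be empty when
# nothing is shared, so only the first three are treated as mandatory.
MANDATORY = ("data_types", "sources", "purposes")
DISCLOSABLE = ("data_types", "purposes", "third_parties")


def _norm(values):
    """Case- and whitespace-insensitive set, so 'Email ' and 'email' match."""
    return {v.strip().lower() for v in values or [] if v and v.strip()}


def audit_data_map(entries, disclosed):
    """Return sorted (system, issue) findings for a list of data-map records.

    entries:   list of dicts with keys system, data_types, sources,
               purposes, third_parties (hypothetical schema).
    disclosed: dict of what the privacy notice tells users, keyed by
               data_types, purposes, third_parties.
    """
    findings = []
    for entry in entries:
        system = entry.get("system", "<unnamed>")
        # Completeness: every record needs types, sources and purposes.
        for key in MANDATORY:
            if not _norm(entry.get(key)):
                findings.append((system, f"missing {key}"))
        # Drift: anything in the map that users were never told about.
        for key in DISCLOSABLE:
            undisclosed = _norm(entry.get(key)) - _norm(disclosed.get(key))
            for item in sorted(undisclosed):
                findings.append((system, f"undisclosed {key}: {item}"))
    return sorted(findings)


# Constructed sample data, not taken from any real organization.
DISCLOSED = {
    "data_types": ["email", "postal address", "order history"],
    "purposes": ["order fulfilment", "customer support"],
    "third_parties": ["Courier Co"],
}

DATA_MAP = [
    {"system": "webshop", "data_types": ["Email", "Postal address"],
     "sources": ["checkout form (direct)"],
     "purposes": ["order fulfilment"], "third_parties": ["Courier Co"]},
    {"system": "marketing-crm", "data_types": ["email", "date of birth"],
     "sources": ["purchased list (indirect, from a data broker)"],
     "purposes": [], "third_parties": ["Ad Network X"]},
]

if __name__ == "__main__":
    for system, issue in audit_data_map(DATA_MAP, DISCLOSED):
        print(f"{system}: {issue}")
```

Running the audit on every change to the map or the notice surfaces undocumented processing before it becomes a disclosure gap.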
To prevent a rocky relationship between the business and the privacy professional, business
owners should build data privacy literacy into every aspect of their process.
To increase your controls over the access of the personal data your business collects, determine
who internally is allowed to access the data, set up access controls that involve authentication
and authorization of the users, and be sure to grant the appropriate level of access based on the
context of each role, location, device, and so on.
Providing access, sometimes without the company’s total knowledge, to third parties can turn out
to be a real threat.
Ensure you only use a new feature or resource after doing your due diligence. Take the time to do
research on the systems you want to integrate with and have your privacy team or a lawyer verify
if everything is legally compliant based on applicable laws.
Train every team member on data privacy and cybersecurity issues to prevent human errors. It’s
also a best practice to create backup and recovery plans.
It is important to note that there isn't a universal data privacy standard that applies to every
organization. Your company should ensure strict compliance with each data privacy law relevant
to your managed data type, industry, and location. Meeting the latest guidelines of these laws can
help optimize consumer data privacy.
Privacy issues on the internet have increased with the mobile accessibility of the web. It is
essential for your company to recognize the data issues on the internet associated with increased
connectivity and to implement the best privacy practices for various online traffic.
1. NPPI considerations - Signing up for an online platform usually requires the submission of
non-public personal information (NPPI), like a person’s marital status and political affiliations,
submitted via an online form. In such cases, your data privacy practices should account for NPPI
management processes.
2. Data sharing concerns - Your team should always disclose data-sharing practices with
third-party vendors or collaborators. Failing to do so can result in the violation of privacy rights,
heavy fines, and legal claims that cause reputational harm.
3. Ever-growing data volume - Your organization needs a programmatic privacy solution that
scales with your database needs.
4. Complex access permissions and control - A lack of a proper cloud-supported data privacy
infrastructure could lead to governance and compliance issues. In these instances, teams cannot
effectively oversee permissions and controls, increasing the risks of unauthorized access and
database breaches.
3. Are location settings secure? The registered location of your social media account can
provide malicious actors with a clearer idea of your online profile for an organized
network attack.
Privacy breaches often involve a wide range of company information. While account credentials,
usernames and passwords, are likely the first pieces of information that come to mind when
considering data privacy issues, plenty of other details are susceptible to access, theft, and sale.
These include:
1. Insufficient Data Privacy Plans - You should consider each piece of new data as a
potential weak spot in your privacy policies. Any preventative software or procedure
should address specific privacy concerns at scale.
Potentially harmful undertakings include identity theft, data hostaging, targeted advertising,
and data traders.
3. Location Tracking
In the business sector, location tracking can be insidious. Hackers can infiltrate your employees’
location data to reveal or sell trade secrets, confidential consumer data, supply chain information,
and business development efforts.
In addition to work-issued smartphones, tablets, and PCs, businesses should also include the
following devices in their data privacy plan:
Even with the best data privacy platform at their disposal, humans can still make mistakes.
Companies must also develop standard operating procedures (SOPs) for data privacy.
SOPs should include procedures like: new device setup and privacy protection; protocol
concerning employee devices; document naming and filing conventions; and when, why, how, and by
whom the SOP should be reviewed and updated.
6. Data Hoarding
You should perform some spring cleaning to dispose of any redundant or outdated files on your
server, in the cloud, or on individual devices to prevent any privacy issues from arising.
Data privacy should be a matter of great concern nowadays, especially since people are very fond of
and addicted to the internet. We all prefer more online deals and transactions because it is easier
and makes life lighter.
Our full names, addresses, contact details, etc. can be easily identified by the hackers and can be
misused. Our personal, private details are not that safe and it is really not a time to sit back being
tension free. It is indeed a matter of concern.
So how does it happen? How do they get our personal data? Of course we won't share our own
data ourselves and risk our lives. Then how? Whatever we do on the internet is not hidden. The
problem is the fact that our details are always being shared with some or the other third party in
order to let the internet world enhance our experience. Now, we don't actually know if the data
sharing is helping the cyber thieves or not. If the hackers or cyber thieves obtain our personal
data, they may use our details and misuse them. They can also hack our mobile through our
numbers and misuse it. In the most common example, someone may get our phone number and
call us and pretend to be from one of our banks asking for the bank details for some emergency
purpose. After obtaining the details, they will take out all the money from our bank.
So it is very important that we start caring about data privacy and start adopting strategies for data
protection.
Avoid downloading unknown apps and don't click on suspicious links. Verify the links. Be
cautious of malicious websites. Prefer using end-to-end encryption services, as they are safer.
C.
● Briefly enumerate (in short, numbered items or bullet points) the best practices and
issues/challenges discussed.
Not Having Visibility Over Personal Data Collection, Use, and Sharing
This is one of the challenges being faced by our company. We have a lot of information collected
from various people that are being kept in the company. As we collect more and more personal
data from an increasing number of sources, it becomes difficult to understand each of our
departments’ data processing practices.
● Based on the issues/challenges your organization is facing, can any of the best
practices address those issues? Explain how and/or why.
To prevent data visibility issues from occurring, data mapping should be performed, which is the
practice of creating a record of personal data. The following has to be recorded:
- The types of personal data you collect
- The sources of the data (i.e., collected directly or indirectly, from whom)
- Your purposes for collecting the data
- Any third parties to which you disclose the data
D.
1. Privacy-by-design and privacy-by-default approach to data processing.
2. Data minimization - It applies to the third principle of data protection introduced by the Data
Protection Directive 95/46/EC and has been incorporated into the GDPR.
The third principle of data protection specifies that personal data shall be adequate, relevant and
limited to what is necessary in relation to the purposes for which they are processed.
3. Regular data audits - Data audits, while often avoided, are important to ensure transparency
about who is using sensitive data and for what purpose. This process is necessary to ensure the
organization secures sensitive data, remains compliant, and translates that data into
well-informed decisions.
Risk assessments - A risk assessment is a process used to identify potential hazards and analyze
what could happen if a disaster or hazard occurs.
Privacy impact assessments to identify and mitigate privacy risks - A privacy impact
assessment (PIA) is an analysis of how personally identifiable information (PII) is handled to
ensure compliance with appropriate regulations, determine the privacy risks associated with
information systems or activities, and evaluate ways to reduce the privacy risks.