Data Privacy Authority

CSR is the data privacy authority.

We specialize in data compliance solutions that leverage hands-on experience and expert systems.

Our IAPP-certified staff is comprised of world-class information privacy professionals.

IAPP CIPP (Certified Information Privacy Professional) Certs


Learn More
Regulations into Action

CSR translates complex regulations on data security, privacy, and confidentiality into practical business advice.

  • 91% of data breaches are preventable.
  • Data breaches happen to both physical and electronic data
  • Human behavior is an organization's greatest vulnerability

CSR Readiness® reduces the business risk and financial liability associated with acquiring, handling, storing, sharing and disposing of data.

Breach Reporting Service™ helps 100K+ businesses comply with the law, avoid fines, and mitigate damage.

Leading Global Provider

Our award-winning privacy solutions and expert services are available in countries around the world.

We currently provide services in the US, the UK, Ireland, Iceland, the European Union, Canada, and Australia.

CSR's Global Footprint


Learn More

Consumers May Sue Companies That Fail to Safeguard Their Personal Data

Privacy attorney Adam Greene of Davis Wright Tremaine: The more cases like this that are successful, the higher the costs of a data breach become. This is because a successful class action lawsuit can far surpass the cost of regulatory fines. Unfortunately, there is not much that entities can do after the breach, other than offering identity theft services to reduce any potential injury to affected individuals. Rather, the most important steps are putting in place reasonable safeguards before a breach, to prevent a breach or strengthen any case that a breach did not occur due to the entity's negligence.
Marianne Kolbasuk McGee, Appeals Court Allows CareFirst Breach Class Action Lawsuit to Proceed,, August 2, 2017


For a detailed analysis, see our page on Attias v. CareFirst. We issued a joint Press Release on the CareFirst decision with electronic waste recycler ERI.

Legal Readiness | Privacy Compliance for Lawyers


CSR’s Legal Readiness helps lawyers comply with rapidly changing privacy laws and with ethics rules on competence and confidentiality – For example, in New York see Rule 1.1, Comment [8] and Rule 1.6(c) as amended January 1, 2017.

By answering the questions in Legal Readiness, lawyers can evaluate their management of confidential and personally identifiable information (PII). Expert systems analyze the answers from a privacy perspective and generate a customized schedule of remediation tasks in order of priority. Legal Readiness™ then provides guidance on privacy practices and access to information and solutions. It’s an extremely effective way to improve your data privacy practices and data security.

Most lawyers try hard to protect confidential information. They believe completely in the principle of client confidentiality. But technology poses dangers that many lawyers have not mastered, and nearly all lawyers can significantly improve the way they handle PII and client confidential information, both for paper data and digital data. Unfortunately, day-to-day business and urgent client demands get in the way. Now is the time to act with Legal Readiness™. You can't fix what you don’t know is broken.

91% of data breaches are avoidable. Most breaches have human causes and result from human error – even the hacks you hear about. Don’t be the lawyer that thinks data security is an issue for an IT specialist or someone else - this is your issue. It is about how you conduct your legal business and about your compliance with the Rules of Professional Conduct and your adherence to the standard of care. Legal Readiness™ gives you a framework for regulatory compliance and excellent risk mitigation.


Revised rules and constantly evolving guidance from the ABA and state courts, and constantly growing threats from hackers, mean it's time to take decisive action. Get Legal Readiness today and take the necessary steps to meet your professional requirements and protect your clients' data and your own professional reputation.

Legal Readiness

Questions About Data Compliance? Ask the Data Privacy Experts.
CSR Readiness | How Companies Lose Data


CSR Readiness Pro is an award-winning bundle of privacy tools that includes a GAP analytic self-assessment that generates prioritized remediation and a data breach reporting service that uses both experienced IAPP professionals and expert systems.

With CSR Readiness®, the initial questionnaire evaluates how an organization handles personally identifiable information (PII) across several knowledge domains. Artificial intelligence (AI) then analyzes the responses, identifies weaknesses, weighs threat vectors, and generates a prioritized remediation schedule for your business.

Should a data breach should occur, CSR brings years of ISO-certified experience to bear. Our patented Breach Reporting Service™ determines if your event is reportable. If reporting is required, we analyze the reporting needs of 300+ regulatory bodies and 105 sovereign nations. We ensure compliance with regulatory reporting requirements to mitigate fines and minimize damage to your reputation.


Be proactive and reactive with this comprehensive solution. Get CSR Readiness Pro today to address data security weaknesses, safeguard private data, and protect your business if a data breach or audit should occur.


Information does not recognize borders. We help organizations around the world improve their PII handling.



Privacy regulations are complex and fragmented in the United States. We make them simple so your decisions are easy.



The best data breach is the one you never have. 90% are preventable. We help you improve your handling of data.



If the worst happens, you want to mitigate the damage. We do that with analysis, advice, reporting, and more.


PRISM Partners with CSR

CSR provides each member of PRISM, the global trade association for information management companies, access to CSR Readiness as a member benefit.

PRISM/CSR Readiness evaluates member compliance with data life cycle management of personally identifiable information (PII). PRISM chose CSR to provide a best-in-class solution for its over 600 global members.

Download Details
  employees cause data breaches  
New Content

CSR is revving up its blogging and content creation efforts.

Look for a new blog and a lot more valuable data provacy content soon.


Contact the Privacy Experts at CSR