Eosensa was engaged to perform a comprehensive privacy and data protection assessment for one of Canada’s leading retailers of photography, video, and digital services. The objective of this engagement is to ensure that the organization met its privacy legislative obligations under Personal Information Protection and Electronic Documents Act (PIPEDA), and to ensure compliance to the Payment Card Industry Data Security Standard for the protection of personal credit card information. Upon a comprehensive review, Eosensa produced a detailed report capturing the organizations current level of security and risk management processes, as compared to industry standards; identifying incongruities and recommendations to mitigate identified risks.  The second part of the report contained a section describing recommendations for design enhancements to both the security and risk management programs; allowing Henry’s to follow a detailed step-by-step action plan got implementation. The report and subsequent findings provided Henry’s with a road map to implement “quick win remediation” for risk exposures and a detailed plan outlining the future development of the security and risk management processes.   This provided Henry’s a high level of confidence in it desire to expand operations and resulted in a continuing working relationship with Eosensa, which has now become a trusted advisor on information security and is a virtual member of Henry’s information security team.