Search
Menu

Issues [1]
At New America, our work spans across five issue areas—each essential to building a nation and a world where everyone can thrive.
Education & Work

Education & Work

Democratic Futures

Democratic Futures

Global Security

Global Security

Technology & Democracy

Technology & Democracy

Thriving Families

Thriving Families
Latest [2]
Trending Topics

Democracy

National Security

Artificial Intelligence (AI)

Immigration & Global Migration

See The Latest
Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Debunking Myths on Student Parent Data Collection

Debunking Myths on Student Parent Data Collection

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression
Impact [3]

For over 25 years, New America’s insights and policy solutions have helped usher in sweeping, long-term change. Discover how we have turned bold ideas into real-world impact.

See Our Impact

Redrawing School Boundaries for Fairer Funding

Redrawing School Boundaries for Fairer Funding

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Establishing a National Housing Loss Rate

Establishing a National Housing Loss Rate
Fellows [4]
For more than 25 years, New America has supported hundreds of fellows as they pursue ambitious work. Through our flagship Fellows Program and specialized fellowships, we back ideas rooted in depth, rigor, and lasting relevance.

See All Fellowships
New America Fellows

The New America Fellows Program supports thinkers, creators, and storytellers whose work shapes public conversation on the defining issues of our time.
Us@250 Fellowship

Learning Sciences Exchange (LSX) Fellowship

Future Security Fellowships
Events [5]

New America hosts various in-person, virtual, and hybrid events. Join the conversation.

See Our Events

Mar 23, 2026
Making Child Care Work for Student Parents

Making Child Care Work for Student Parents

Mar 26, 2026
Drinking Water Data for the Nation: Version 1.0 Release Webinar

Drinking Water Data for the Nation: Version 1.0 Release Webinar

Mar 31, 2026
The Understated Value of Regional Intermediaries for Workforce and Economic Development

The Understated Value of Regional Intermediaries for Workforce and Economic Development

Apr 1 – 2, 2026
The Charleston Regional Youth Apprenticeship Model

The Charleston Regional Youth Apprenticeship Model
About [6]
Generating big ideas and bold solutions for a new America.

Learn About Us
About Us

Who We Are

Leadership

Programs, Projects, and Initiatives

Careers

Funding

Press
Search
Subscribe
Donate

internet of things.jpg

The Digital Standard Testing Handbook

Table of Contents

Security Oversight

Criteria: The company is a responsible caretaker of my data.

See this test in action:

Indicators

The company has systems in place to limit and monitor employee access to user information.
The company has an internal security team that conducts security audits on the company's products and services.
The company commissions third-party security audits on its products and services.
The company ensures that third-parties who process data on behalf of the company implement the required technical and organizational measures to protect user data.

Methodology for Assessing Each Indicator

1) The company has systems in place to limit and monitor employee access to user information.

Obtain and review a copy of the product’s privacy policy, review any other online documentation available
Look for language describing access limitations or data privacy policies that prevent employees from viewing user information.
Review the website more generally, likely sections marked “Legal” or “Policies,” for information about user privacy and access to information.
If the privacy policy indicates that the company has limitations or processes regulating employee access to user information, mark PASS.
If the privacy policy does not indicate whether or not the company has limitations or processes regulating employee access to user information, mark FAIL.

2) The company has an internal security team that conducts security audits on the company's products and services.

Obtain and review a copy of the product’s privacy policy.
Look for language describing internal review processes or audits.
Look for language describing staff or experts who are engaged in security audits.
Review the website more generally, likely sections marked “Legal” or “Policies” for information about security audits.
If the privacy policy indicates that the company has an internal security team that conducts security audits on the company's products and services, mark PASS.
If the privacy policy does not indicate whether or not the company has limitations or processes regulating employee access to user information, mark FAIL.

3) The company commissions third-party security audits on its products and services.

Obtain and review a copy of the product’s privacy policy.
Look for language describing whether the company commissions third-parties to conduct review processes or audits of its services.
Look for language describing which third-parties are engaged to conduct these audits.
Review the website more generally, likely sections marked “Legal” or “Policies,” for information about third-party security audits.
If the privacy policy or another part of the website indicates that the company commissions third-party security audits on its products and services, mark PASS.
If the privacy policy does not indicate whether or not the company commissions third-party security audits on its products and services, mark FAIL.

4) The company ensures that third-parties who process data on behalf of the company implement the required technical and organizational measures to protect user data.

Obtain and review a copy of the product’s privacy policy.
Look for language describing security measures required of third-party data processors.
If the privacy policy describes requirements for data protection policies by third-party data processors, mark PASS.
If the privacy policy does not describe requirements for data protection policies by third-party data processors, mark FAIL.

Security Oversight

Search
Menu

Table of Contents

The Digital Standard Testing Handbook