• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Privacy Communities: How To Build Them And Drive Awareness

Privacy Communities: How To Build Them And Drive Awareness






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Privacy Communities: How To Build Them And Drive Awareness Privacy Communities: How To Build Them And Drive Awareness Presentation Transcript

    • Privacy CommunitiesHow To Build Them And Drive Awareness
    • Agenda• Introductions• Participants • Steering Committee • Champions• Awareness • Privacy Week • Training • Newsletters• Q&A Page 2
    • Co3 Automates Breach ManagementPREPARE ASSESSImprove Organizational Quantify Potential Impact,Readiness Support Privacy Impact• Assign response team Assessments• Describe environment • Track events• Simulate events and incidents • Scope regulatory requirements• Focus on organizational gaps • See $ exposure • Send notice to team • Generate Impact AssessmentsREPORT MANAGEDocument Results and Easily Generate DetailedTrack Performance Incident Response Plans• Document incident results • Escalate to complete IR plan• Track historical performance • Oversee the complete plan• Demonstrate organizational • Assign tasks: who/what/when preparedness • Notify regulators and clients• Generate audit/compliance reports • Monitor progress to completion Page 3
    • About PRIVACY REFPRIVACY REF provides privacy program services for SMBs• PRIVACY REF helps SMBs create, refine, and manage their privacy programs• PRIVACY REF helps SMBs increase revenues by ensuring that you meet customer privacy and security requirements• PRIVACY REF helps SMBs avoid expenses by avoiding the data loss, fines and brand damage that can be devastating to any business• PRIVACY REF helps SMBs comply with regulations by employing best practices for handling customer and employee data while maintaining focus on your core business• PRIVACY REF provides enterprise-caliber policy and program development and implementation that fits SMB budgets. Page 4
    • Some common challenges• Limited privacy resources• Geographically distributed operations• Varying organizational characteristics • Business processes • Regional / Departmental culture• “Reinventing the wheel”• Information flow Page 6
    • Community A group sharing common characteristics or interests andperceived or perceiving itself as distinct in some respect from the larger society within which it exists Page 7
    • The Steering Committee• Charter • Define direction for the privacy program • Provide guidance on initiatives • Review and approve policy proposals• Comprised of Senior Executives • Information Technology • Legal • Human Resources • Finance • Marketing Page 8
    • Privacy Community• The Privacy Community shares … • Local perspectives • Concerns / Solutions • Programs • Ideas • Artifacts• Membership is unrestricted• Members are referred to as Privacy Champions Page 10
    • Privacy Champions• Requirements • Passion for privacy • Willing to drive initiatives within their team and/or business unit • Work for your company• Recruiting • Existing privacy contacts • Nominees from the Steering Committee • Direct invitations • Volunteers • Champions recruit champions Page 11
    • Privacy Community Meetings• Welcome• Comments from a Steering Committee member• Champion perspectives• Update from the Privacy Team• Open discussion of a current issue• Recognition Page 12
    • Recognition• Focus on someone who supports privacy in any role• Tangible reward • Gift card • Award • Gift (i.e. encrypted USB drive)• Public recognition • Endorsement by recipient’s management team • Award at a Privacy Community meeting • Intranet • Newsletters Page 14
    • Privacy Awareness – How Are We Doing? Source: Ponemon Institute Page 16
    • Privacy Week• Annual, company-wide event • Training / share information • Create a buzz • Give champions a chance to shine• Privacy Presentations• Privacy fairs Page 17
    • Privacy Week• Kicked off by senior leadership • Video • Coffee talks• Webinars • Repeated to address time zone issues• Local presentations• Get IAPP involved • CIPP Exams • IAPP KnowledgeNets Page 18
    • Privacy Week Resources• Privacy Community owns Privacy Week • Privacy team provides coordination • Privacy Community defines content• Presenters and Fair participants • Privacy Champions • Vendors • Recognized privacy leaders • Internal teams• The Privacy Game Page 19
    • Privacy Week Publicity• Posters• Emails • C-level executive to the company • Steering Committee members to their teams• Rename cafeteria menu items • PII Pasta Salad • Encrypted Eggplant Parmesan • Firewall Fried Chicken Page 20
    • Global Data Privacy Day• Celebrated January 28th• Single topic focus • Webinars • Local presenters• Cafeteria menu items renamed Page 21
    • Training• New hire training • Addressed by local HR teams • Hiring manager ultimately responsible• Core training from the Privacy Team • Enterprise-wide Privacy Policies • PCI 101 • HIPAA 101• Targeted training from the Privacy Team • Upon request • In response to an event Page 22
    • Newsletters & Blogs• Privacy Blog • Subjects are of general interest • Available on the intranet • Weekly publication • Written by the Privacy Team• Local newsletters • Subjects internally focused • Tip of the month • Local stories • Driven by Privacy Champions Page 23
    • Other Contacts• Privacy Mailbox • Multiple regional instances • Think about anonymous reporting abilities• Fly-bys• HQ Visitors• Posters • Positive reminders • “Something went wrong” Page 24
    • “Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” PC MAGAZINE, EDITOR’S CHOICEOne Alewife Center, Suite 450 “Co3…defines what software packagesCambridge, MA 02140 for privacy look like.”PHONE 617.206.3900 GARTNERWWW.CO3SYS.COM “Platform is comprehensive, user friendly, and very well designed.” PONEMON INSTITUTE Bob Siegel Bob.Siegel@PrivacyRef.com www.privacyref.com 888-470-1528 x801 508-474-5125 @PrivacyRef