This document discusses developing a privacy compliance program. It begins by outlining key privacy regulations like GDPR and CCPA. It explains that compliance programs should identify the data an organization collects, implement systems to manage that data, and establish roles and processes around data security, access, and deletion. The document recommends using a records management platform to securely store customer data and define policies around data protection, security, and retention. It emphasizes that privacy compliance is important, widespread, and that starting a program does not need to be difficult by focusing first on identifying data and establishing management processes.
4. TEAM IM
• Content and unstructured data
specialists since 1999
• Oracle, M-Files, Microsoft,
Elasticsearch, HelloSign, Frevvo,
ABBYY, Smartlogic partners
• Operate in US, Canada, Australia
and New Zealand
• Advisory and Strategy practice is
one part of what we do.
4
10. Other Countries and Jurisdictions
• Canada – PIPEDA (2001)
• Korea – PIPA (2011/20)
• Japan – APPI (2003/17)
• Australia – Privacy Act (1988)
• China – Cybersecurity Law
(2017)
• Argentina – PDPL (2017)
• Etc….
10
Map from DLA Piper (https://www.dlapiperdataprotection.com)
17. Example Data Protection Policy
• Some basic policy documents will help
you
• Data protection policy
• Security policy
• Data classification policy
• Retention policy
17