© 2022 TrustArc Inc. Proprietary and Confidential Information.
Why Your Company Needs A Privacy Culture
& Where To Start
Agenda
● TrustArc’s views on a Culture of Privacy
● Create a Privacy Mission Statement and Vision
● The Effects of a Culture of Privacy are seen in a Strong Privacy Program
● What Privacy Programs Say About Culture
● From a Privacy Program to a Privacy Culture
● Create a Privacy Team
● Privacy Tech Solutions
● How Personal Data Supports Other Business Objectives
● Privacy Culture Metrics
● Q&A
Speakers
Fernando Barreiro
CIPP/E, CIPM
Global Privacy Principal
TrustArc
Andrew Scott
Privacy Counsel
TrustArc
TrustArc’s Leaders on What a Culture of Privacy Means
“Shared understanding of how data may be used to support business objectives but enable
individuals to access their rights.” - Meaghan McCluskey, Associate General Counsel, TrustArc
“Treat the privacy of others like it’s your own.” - Chris Babel, CEO, TrustArc
“Pushing privacy throughout the organization (Engineering, Legal, Marketing) so everyone
knows what they need to do to protect the data and what they need to do as their job as part
of that” - Michael Lin, Chief Product Officer, TrustArc
“Changing the way management looks at the way they manage data, moving the perspective
from trying to comply with the law to that of how privacy adds value to the business rather
than taking it away” - Ralph O’Brien, Principal Consultant, Europe, TrustArc
Create a Privacy Mission Statement and Vision
Our Data Values
At TrustArc, Privacy is our Business.
○ Embedding privacy. We strive to help businesses embed privacy into their strategy and operations by
providing simple, scalable, and intelligent solutions that help our customers continually manage privacy
compliance and risk.
○ Responsible use. We help to promote responsible data use and stewardship among businesses and
suppliers around the world.
○ Purpose driven. We only collect, use, and share the information needed to provide and operate our
solutions and to help our customers meet their accountability and regulatory compliance needs.
○ Always improving. We process data about the use of our solutions and the way we operate our own
business in order to help us better understand the needs of our customers, prospects, and other
stakeholders, and to continue to improve user experience, features, and functionality of our solutions.
Other Companies’ Statements
○ “Privacy is a fundamental human right. It’s also one of our core values. Which is why we design our products and
services to protect it. That’s the kind of innovation we believe in.” - Apple
○ “At Salesforce, trust is our #1 value. This Privacy Statement describes how Salesforce collects, uses, shares or
otherwise processes information relating to individuals (“Personal Data”) and the rights associated with that
processing.” - Salesforce
● A Mission Statement describes the purpose and ideas
The Effects of a Culture of Privacy are seen in a Strong Privacy Program
● Helps Meet Regulatory Compliance Obligations
○ Fines for non-compliance; compliance with one framework will not always satisfy others
● Improves Optics
○ More opportunities to build or lose trust with brand (data can be traded for trust)
● Increases Employee Confidence / Reduces Risk
○ Providing employees with confidence to raise complaints without retaliation; reduce suits
○ Making employees aware of their rights and security of their data
● Increases Cross-Functional Collaboration
○ Communication has increased between Legal, HR, and Technology Departments regarding
privacy matters (e.g., understanding automated employment decisions, increased training
with responding to complaints/requests)
● Improves Allocation of In-House Resources
○ Need to reassess data flows, consult outside counsel, seek new technical solutions,
implement new controls, regularly assess the effectiveness of the controls, and create new
roles; improve data quality, reduces
● Improves Business Strategy (Corporate Governance)
○ Increased need to establish a privacy stakeholder and consider privacy not as a cost but as
core business strategy
● Global Regulatory Environment (Interoperability)
What Privacy Programs Say About Privacy Culture
● Compliance Should Not be the End Goal of the Program
○ With the sole goal of regulatory compliance, privacy will be an inhibiting factor in the
organization’s ability to drive strategic decisions; privacy does not have to affect the bottom line
○ Consider creating a program with a true “floor” rather than a privacy patchwork
○ If resources are thin, consider a base framework and evaluate the organization’s appetite for risk
○ Does your privacy notice tell your organization’s story?
● What Personal Information is Collected and Processed throughout the organization?
○ How is PI Collected?
○ How is PI Retained?
○ Where is PI Transferred?
○ How is PI Accessed?
● Considerations
○ The strength of the administrative, technical, and physical safeguards to protect against
collection, use, and disclosure throughout the organization
From a Privacy Program to a Privacy Culture
● Embed a Privacy Program into all aspects of the organization (default is a Privacy Culture)
● Make the Privacy Program resilient (protect proprietary information via compliance)
● Make the Program a group effort beyond the Privacy Team (talk about it)
● Don’t impose, ask for help/feedback: be a resource for the organization, and don’t be afraid to
adapt the program based on the feedback received (frame it as trying to achieve strategic goals)
● Build a Privacy team or Privacy Office full of privacy advocates and good communicators
● Find Privacy Champions across the organization. Recognise their inputs and work.
● Be creative in your communication strategy: trainings should be useful and interesting,
organize privacy events, engage the audience, create friendly materials.
Create a Privacy Team
● The team should be aligned with the organization’s objectives and goals
● Identify a sponsor / champion to liaise with other teams
● Consider cadence of meetings and who else should be invited
● Funding will not be hard if there is a culture of privacy
Privacy Tech Solutions
● Consent Tools
● Privacy Enhancing Technologies
● Data Inventories
● Risk Assessments
● Assurance: Certifications, validations, and seals communicate trust to customers and consumers but
also allow for increased business (trade)
Wide Range of Solutions to incorporate
How Personal Data Supports Other Business Objectives
● Privacy is not only a compliance/risk issue.
● Innovate with Privacy!
○ We don’t want Privacy to be the “No” in moving the organization’s strategic goals
● Trust! Privacy as a business driver and competitive differentiator. Privacy as a core element of
companies/brands.
● Consider the effects of losing proprietary information (FTC - algorithm disgorgement)
● Human error is the number one reason for security breaches. A mature and well-implemented privacy
program plus a well-established privacy culture reduces this risk, preventing reputational, operational and
financial losses.
Privacy Culture Metrics
● How many legal frameworks is the organization compliant with vs. jurisdictions they are doing business in?
● How many dedicated privacy professionals are there?
● How many privacy incidents have there been?
● How many privacy trainings have been conducted?
● How many certifications and validations have been completed?
● How many risk assessments (DPIAs or PIAs) have been completed or are in-progress?
● How many access requests have been made - and how long does it take to respond?
● How many enforcement notices have been received?
● How many updates to the privacy notice have there been? (How many notices are there?)
● How many employee notices do you have?
● How many privacy enhancing technologies exist?
● How many data inventories have been conducted?
● How many privacy vendors are being used?
● How often is the organization using its outside counsel for privacy concerns?
How it Reflects on Your Privacy Culture
Why Does Your Company Need a Culture of Privacy?
● External vs. Internal
● How do you define privacy - right / obligation?
● Global Culture (opt-in vs opt-out)
● Reactive (as a society) vs. Proactive
○ Governance -
○ Fines
○ Roles
○ Meetings
○ DSARs…. In CA - Holistic - BYOD - money -
○ Automate it -
○ Political - National vs US
Q&A
Thank You!
See http://www.trustarc.com/insightseries for
the 2023 Privacy Insight Series and past
webinar recordings.
If you would like to learn more about how TrustArc can support
you with compliance, please reach out to sales@trustarc.com for a
free demo.

More Related Content

What's hot

Intellectual Property Rights in India : An Overview
Intellectual Property Rights in India : An OverviewIntellectual Property Rights in India : An Overview
Intellectual Property Rights in India : An Overview
Dr. Kalpeshkumar L Gupta
 
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
Abhishek Singh
 
Llm lecture ipr concept and theories [compatibility mode]
Llm lecture ipr concept and theories [compatibility mode]Llm lecture ipr concept and theories [compatibility mode]
Llm lecture ipr concept and theories [compatibility mode]
sanjeev kumar chaswal
 
Turmeric patent case
Turmeric patent caseTurmeric patent case
Turmeric patent case
Seth Romary
 

What's hot (20)

Case Study on Basamati Rice Patent Battle
Case Study on Basamati Rice Patent BattleCase Study on Basamati Rice Patent Battle
Case Study on Basamati Rice Patent Battle
 
Turmeric Patent Case
Turmeric Patent CaseTurmeric Patent Case
Turmeric Patent Case
 
Intellectual Property Rights in India : An Overview
Intellectual Property Rights in India : An OverviewIntellectual Property Rights in India : An Overview
Intellectual Property Rights in India : An Overview
 
Introduction to intellectual property law
Introduction to intellectual property lawIntroduction to intellectual property law
Introduction to intellectual property law
 
Ai copyright: ownership and liability
Ai copyright: ownership and liabilityAi copyright: ownership and liability
Ai copyright: ownership and liability
 
Human rights
Human rightsHuman rights
Human rights
 
Prior art search
Prior art searchPrior art search
Prior art search
 
casesipindiancontext-230226120047-6d674515.pptx
casesipindiancontext-230226120047-6d674515.pptxcasesipindiancontext-230226120047-6d674515.pptx
casesipindiancontext-230226120047-6d674515.pptx
 
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
Intellectual property rights(I.P.R.) and traditional knowledge protection of ...
 
Infringement of Copyright (Case Laws)
Infringement of Copyright (Case Laws)Infringement of Copyright (Case Laws)
Infringement of Copyright (Case Laws)
 
Kani tribe: The Jivani case
Kani tribe: The Jivani caseKani tribe: The Jivani case
Kani tribe: The Jivani case
 
Ipr neem patent
Ipr neem patentIpr neem patent
Ipr neem patent
 
Patent search
Patent searchPatent search
Patent search
 
Ppt on human rights
Ppt on human rightsPpt on human rights
Ppt on human rights
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against property
 
My presentation isv conference 7th jan 2011
My presentation isv conference 7th jan 2011My presentation isv conference 7th jan 2011
My presentation isv conference 7th jan 2011
 
Llm lecture ipr concept and theories [compatibility mode]
Llm lecture ipr concept and theories [compatibility mode]Llm lecture ipr concept and theories [compatibility mode]
Llm lecture ipr concept and theories [compatibility mode]
 
Refugees intro
Refugees introRefugees intro
Refugees intro
 
Novelty to Nonobviousness
Novelty to NonobviousnessNovelty to Nonobviousness
Novelty to Nonobviousness
 
Turmeric patent case
Turmeric patent caseTurmeric patent case
Turmeric patent case
 

Similar to Why Your Company Needs A Privacy Culture & Where To Start

Managing Information for Impact
Managing Information for ImpactManaging Information for Impact
Managing Information for Impact
Donny Shimamoto
 
Cost benefit analysis vs confidentiality
Cost benefit analysis vs confidentialityCost benefit analysis vs confidentiality
Cost benefit analysis vs confidentiality
Prithvi Ghag
 
A Practical Guide To Information Governance
A Practical Guide To Information GovernanceA Practical Guide To Information Governance
A Practical Guide To Information Governance
Michael Curcio
 
The Whole is Greater than the Sum of its Parts with IG
The Whole is Greater than the Sum of its Parts with IGThe Whole is Greater than the Sum of its Parts with IG
The Whole is Greater than the Sum of its Parts with IG
Ronke Ekwensi
 

Similar to Why Your Company Needs A Privacy Culture & Where To Start (20)

Privacy Operations (PrivacyOps) Framework - Feroot Privacy
Privacy Operations (PrivacyOps) Framework - Feroot PrivacyPrivacy Operations (PrivacyOps) Framework - Feroot Privacy
Privacy Operations (PrivacyOps) Framework - Feroot Privacy
 
PrivacyOps Framework
PrivacyOps FrameworkPrivacyOps Framework
PrivacyOps Framework
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
 
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
[Webinar Slides] Data Privacy for the IM Practitioner - Practical Advice for ...
 
Managing Information for Impact
Managing Information for ImpactManaging Information for Impact
Managing Information for Impact
 
An examination of the ethical considerations involved in data analytics
An examination of the ethical considerations involved in data analyticsAn examination of the ethical considerations involved in data analytics
An examination of the ethical considerations involved in data analytics
 
Is Your Agency Data Challenged?
Is Your Agency Data Challenged?Is Your Agency Data Challenged?
Is Your Agency Data Challenged?
 
Human resources: protecting confidentiality
Human resources: protecting confidentiality Human resources: protecting confidentiality
Human resources: protecting confidentiality
 
Cost benefit analysis vs confidentiality
Cost benefit analysis vs confidentialityCost benefit analysis vs confidentiality
Cost benefit analysis vs confidentiality
 
TrustArc-Webinar-Slides-2022-03-01-Is Your Privacy Program Ready for a Fundin...
TrustArc-Webinar-Slides-2022-03-01-Is Your Privacy Program Ready for a Fundin...TrustArc-Webinar-Slides-2022-03-01-Is Your Privacy Program Ready for a Fundin...
TrustArc-Webinar-Slides-2022-03-01-Is Your Privacy Program Ready for a Fundin...
 
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
 
Evolution of Records Management in Law Firms
Evolution of Records Management in Law FirmsEvolution of Records Management in Law Firms
Evolution of Records Management in Law Firms
 
Data Driven Culture with Slalom's Director of Analytics
Data Driven Culture with Slalom's Director of AnalyticsData Driven Culture with Slalom's Director of Analytics
Data Driven Culture with Slalom's Director of Analytics
 
How to Build a Modern Law Firm
How to Build a Modern Law FirmHow to Build a Modern Law Firm
How to Build a Modern Law Firm
 
Compliance as Culture Strategy
Compliance as Culture StrategyCompliance as Culture Strategy
Compliance as Culture Strategy
 
A Practical Guide To Information Governance
A Practical Guide To Information GovernanceA Practical Guide To Information Governance
A Practical Guide To Information Governance
 
Start With Why: Build Product Progress with a Strong Data Culture
Start With Why: Build Product Progress with a Strong Data CultureStart With Why: Build Product Progress with a Strong Data Culture
Start With Why: Build Product Progress with a Strong Data Culture
 
Start With Why: Build Product Progress with a Strong Data Culture
Start With Why: Build Product Progress with a Strong Data CultureStart With Why: Build Product Progress with a Strong Data Culture
Start With Why: Build Product Progress with a Strong Data Culture
 
The Whole is Greater than the Sum of its Parts with IG
The Whole is Greater than the Sum of its Parts with IGThe Whole is Greater than the Sum of its Parts with IG
The Whole is Greater than the Sum of its Parts with IG
 
Enterprise Data World Webinar: A Strategic Approach to Data Quality
Enterprise Data World Webinar: A Strategic Approach to Data Quality Enterprise Data World Webinar: A Strategic Approach to Data Quality
Enterprise Data World Webinar: A Strategic Approach to Data Quality
 

More from TrustArc

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
TrustArc
 

More from TrustArc (20)

TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy Compliance
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy Certifications
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI Governance
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act:  Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act:  Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
 

Recently uploaded

Recently uploaded (20)

Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ  «Професійне зростання QA спеціаліста»НАДІЯ ФЕДЮШКО БАЦ  «Професійне зростання QA спеціаліста»
НАДІЯ ФЕДЮШКО БАЦ «Професійне зростання QA спеціаліста»
 

Why Your Company Needs A Privacy Culture & Where To Start

  • 1. 1 © 2022 TrustArc Inc. Proprietary and Confidential Information. Why Your Company Needs A Privacy Culture & Where To Start
  • 2. 2 Agenda ● TrustArc’s views on a Culture of Privacy ● Create a Privacy Mission Statement and Vision ● The Effects of a Culture of Privacy are seen in a Strong Privacy Program ● What Privacy Programs Say About Culture ● From a Privacy Program to a Privacy Culture ● Create a Privacy Team ● Privacy Tech Solutions ● How Personal Data Supports Other Business Objectives ● Privacy Culture Metrics ● Q&A
  • 3. 3 Speakers Fernando Barreiro CIPP/E, CIPM Global Privacy Principal TrustArc Andrew Scott Privacy Counsel TrustArc
  • 4. 4 TrustArc’s Leaders on Culture of Privacy Means…. “Shared understanding of how data may be used to support business objectives but enable individuals to access their rights.” - Meaghan McCluskey, Associate General Counsel, TrustArc “Treat the privacy of others like its your own.” - Chris Babel, CEO, TrustArc “Pushing privacy throughout the organization (Engineering, Legal, Marketing) so everyone knows what they need to do to protect the data and what they need to do as their job as part of that” - Michael Lin, Chief Product Officer, TrustArc “Changing the way management looks at the way the manage data, moving the perspective from trying to comply with the law to that of how privacy adds value to the business rather than taking it away” - Ralph O’Brien, Principal Consultant, Europe, TrustArc
  • 5. 5 Create a Privacy Mission Statement and Vision Our Data Values At TrustArc, Privacy is our Business. ○ Embedding privacy. We strive to help businesses embed privacy into their strategy and operations by providing simple, scalable, and intelligent solutions that help our customers continually manage privacy compliance and risk. ○ Responsible use. We help to promote responsible data use and stewardship among businesses and suppliers around the world. ○ Purpose driven. We only collect, use, and share the information needed to provide and operate our solutions and to help our customers meet their accountability and regulatory compliance needs. ○ Always improving. We process data about the use of our solutions and the way we operate our own business in order to help us better understand the needs of our customers, prospects, and other stakeholders, and to continue to improve user experience, features, and functionality of our solutions. Other Company’s Statements ○ “Privacy is a fundamental human right. It’s also one of our core values. Which is why we design our products and services to protect it. That’s the kind of innovation we believe in.” - Apple ○ “At Salesforce, trust is our #1 value. This Privacy Statement describes how Salesforce collects, uses, shares or otherwise processes information relating to individuals (“Personal Data”) and the rights associated with that processing.” - Salesforce ● A Mission Statement statement describes the purpose and ideas
  • 6. The Effects of a Culture of Privacy are seen in a Strong Privacy Program
    ● Helps Meet Regulatory Compliance Obligations
      ○ Fines for non-compliance; compliance with one framework will not always satisfy others
    ● Improves Optics
      ○ More opportunities to build or lose trust with brand (data can be traded for trust)
    ● Increases Employee Confidence / Reduces Risk
      ○ Providing employees with confidence to raise complaints without retaliation; reduce suits
      ○ Making employees aware of their rights and security of their data
    ● Increases Cross-Functional Collaboration
      ○ Communication has increased between Legal, HR, and Technology Departments regarding privacy matters (e.g., understanding automated employment decisions, increased training with responding to complaints/requests)
    ● Improves Allocation of In-House Resources
      ○ Need to reassess data flows, consult outside counsel, seek new technical solutions, implement new controls, regularly assess the effectiveness of the controls, and create new roles; improve data quality, reduces
    ● Improves Business Strategy (Corporate Governance)
      ○ Increased need to establish a privacy stakeholder and consider privacy not as a cost but as core business strategy
    ● Global Regulatory Environment (Interoperability)
  • 7. What Privacy Programs Say About Privacy Culture
    ● Compliance Should Not be the End Goal of the Program
      ○ With the sole goal of regulatory compliance, privacy will be an inhibiting factor in the organization’s to drive strategic decisions; privacy does not have to affect the bottom-line
      ○ Consider creating a program with a true “floor” rather than a privacy patchwork
      ○ If resources are thin, consider a base framework and evaluate the organization’s appetite for risk
      ○ Does your privacy notice tell your organization’s story?
    ● What Personal Information is Collected and Processed throughout the organization?
      ○ How is PI Collected?
      ○ How is PI Retained?
      ○ Where is PI Transferred?
      ○ How is PI Accessed?
    ● Considerations
      ○ The strength of the administrative, technical, and physical safeguards to protect against collection, use, and disclosure throughout the organization
  • 8. From a Privacy Program to a Privacy Culture
    ● Embed a Privacy Program into all aspects of the organization (default is a Privacy Culture)
    ● Make the Privacy Program resilient (protect proprietary information via compliance)
    ● Make the Program a group effort beyond the Privacy Team (talk about it)
    ● Don’t impose, ask for help/feedback: be a resource for the organization, don’t be afraid to adapt the program based on received feedback (frame it as trying to achieve strategic goals)
    ● Build a Privacy team or Privacy Office full of privacy advocates and good communicators
    ● Find Privacy Champions across the organization. Recognise their inputs and work.
    ● Be creative in your communication strategy: trainings should be useful and interesting, organize privacy events, engage the audience, create friendly materials.
  • 9. Create a Privacy Team
    ● The team should be aligned with the organization’s objectives and goals
    ● Identify a sponsor / champion to liaise with other teams
    ● Consider cadence of meetings and who else should be invited
    ● Funding will not be hard if there is a culture of privacy
  • 10. Privacy Tech Solutions
    ● Consent Tools
    ● Privacy Enhancing Technologies
    ● Data Inventories
    ● Risk Assessments
    ● Assurance: Certifications, validations, and seals communicate trust to customers and consumers but also allow for increased business (trade)
    Wide Range of Solutions to incorporate
  • 11. How Personal Data Supports Other Business Objectives
    ● Privacy is not only a compliance/risk issue.
    ● Innovate with Privacy!
      ○ We don’t want Privacy to be the “No” in moving the organization’s strategic goals
    ● Trust! Privacy as a business driver and competitive differentiator. Privacy as a core element of companies/brands.
    ● Consider the effects of losing proprietary information (FTC - algorithm disgorgement)
    ● Human error is the number one reason for security breaches. A mature and well-implemented privacy program + well-established privacy culture reduces this risk, preventing reputational, operational and financial losses.
  • 12. Privacy Culture Metrics
    ● How many legal frameworks is the organization compliant with vs. jurisdictions they are doing business in?
    ● How many dedicated privacy professionals are there?
    ● How many privacy incidents have there been?
    ● How many privacy trainings have been conducted?
    ● How many certifications and validations have been completed?
    ● How many risk assessments (DPIAs or PIAs) have been completed or are in-progress?
    ● How many access requests have been made - and how long does it take to respond?
    ● How many enforcement notices have been received?
    ● How many updates to the privacy notice have there been? (How many notices are there?)
    ● How many employee notices do you have?
    ● How many privacy enhancing technologies exist?
    ● How many data inventories have been conducted?
    ● How many privacy vendors are being used?
    ● How often is the organization using its outside counsel for privacy concerns?
    How it Reflects on Your Privacy Culture
  • 13. Why Does Your Company Need a Culture of Privacy?
    ● External vs. Internal
    ● How do you define privacy - right / obligation?
    ● Global Culture (opt-in vs opt-out)
    ● Reactive (as a society) vs. Proactive
      ○ Governance -
      ○ Fines
      ○ Roles
      ○ Meetings
      ○ DSARs…. In CA - Holistic - BYOD - money -
      ○ Automate it -
      ○ Political - National vs US
  • 15. Thank You!
    See http://www.trustarc.com/insightseries for the 2023 Privacy Insight Series and past webinar recordings.
    If you would like to learn more about how TrustArc can support you with compliance, please reach out to sales@trustarc.com for a free demo.