Privacy Insight Series - truste.com/insightseries
© TRUSTe Inc., 2017
Privacy Program Management: A Framework for Success
March 23, 2017
Today’s Speaker
Hilary Wandall
General Counsel
Chief Data Governance Officer
TRUSTe
Today’s Agenda
• Welcome & Introductions
• Policy and Regulatory Origins and Developments
• Choosing a Model
• Framework for Core Program Elements
• 3Ds: Design, Document & Demonstrate
• Q&A
Policy and Regulatory Origins and Developments
Policy and Regulatory Origins
• OECD Privacy Guidelines – 1980
  – Accountability Principle
• PIPEDA (Canada) – 2000
  – Accountability Principle
• APEC Privacy Framework – 2005
  – Accountability Principle
• CIPL Accountability Project – 2008
• APEC CBPRs – 2011
• Canada Privacy Management Program – 2012
• Revised OECD Privacy Guidelines – 2013
  – Privacy Management Programme
• EU GDPR – 2016
OECD Privacy Guidelines 2013
• New Part III – Implementing Accountability
  – Establish a Privacy Management Programme
    o Implements requirements of the Guidelines
    o Tailored based on structure, scale, sensitivity and volume of the operations (“risk factors”)
    o Safeguards implemented based on privacy risk assessment
    o Integrated with organizational governance and oversight mechanisms
    o Inquiry and incident response mechanisms
    o Update based on monitoring and periodic assessment
  – Demonstrate the programme to regulators and others responsible for enforcement
EU GDPR – Example Provisions
• Article 5.2
  – Controllers are responsible for demonstrating compliance with the principles of:
    o Lawfulness, fairness and transparency
    o Purpose limitation
    o Data minimization
    o Accuracy
    o Storage limitation
    o Integrity and confidentiality
• Article 24
  – Controllers are responsible for implementing organizational and technical measures to ensure and demonstrate that processing is compliant, such as policies and procedures, codes of conduct, or certification
• Article 39 – Tasks of the DPO
  – Advice, monitoring compliance, awareness, training, audits
Choose a Model
• Consider organizational structure
  – Where are you headquartered?
  – Centralized versus distributed
  – Is central coordination possible and effective?
  – How do other organizational governance functions operate?
• Consider functional alignment and coordination
  – Which organizational area is best suited to support sustainable success of the program?
  – Is there a strong executive champion?
  – What levels of cross-functional coordination are needed – strategic vs. tactical?
• Consider legal requirements, ethical obligations and risk
  – Legal drivers, culture toward ethical and CSR considerations
  – Organizational risk tolerance
Aligning Organizational Governance & Oversight
[Diagram labels: Legal, Regulatory, Government Affairs, Compliance, Ethics, CSR, IT, Data & Records Mgmt., Business Analytics, Risk Mgmt., Privacy]
• Elements of an Effective Ethics and Compliance Program
  – Establish Policies, Procedures and Controls
  – Exercise Effective Compliance & Ethics Oversight
  – Exercise Due Diligence (third party risk)
  – Communicate and Educate Employees
  – Monitor and Audit for Effectiveness
  – Ensure Consistent Rewards and Sanctions
  – Incident Response and Prevention
Framework for Core Program Elements
Build Your Program – 6 Essential Elements
Build: Establish, maintain and evolve an integrated privacy and data governance program aligned with other data management and information risk functions such as security, IP, trade secret protection and e-discovery
• Integrated Governance
  – Identify stakeholders. Establish program leadership and governance. Define program mission, vision and goals.
• Risk Assessment
  – Identify, assess and classify data-related strategic, operational, legal compliance and financial risks.
• Resource Allocation
  – Establish budgets. Define roles and responsibilities. Assign competent personnel.
• Policies & Standards
  – Develop policies, procedures and guidelines to define and deploy effective and sustainable governance and controls for managing data-related risks.
• Processes
  – Establish, manage, measure and continually improve processes for PIAs, vendor assessments, incident management and breach notification, complaint handling and individual rights management.
• Awareness & Training
  – Communicate expectations. Provide general & contextual training.
Learn and Evolve Over Time
Demonstrate Your Program – 2 Core Standards
Demonstrate: Demonstrate program and practices compliance, maturity, responsibility and value to organizational leadership, regulators, customers, other stakeholders through monitoring, assurance, reporting and certification
• Monitoring & Assurance
  – Evaluate and audit effectiveness of controls and risk mitigation initiatives.
• Reporting & Certification
  – Demonstrate the value and effectiveness of your program and controls to customers, employees, management, the board of directors, regulators and the public.
Learn and Evolve Over Time
3Ds: Design, Document, Demonstrate
Tools to Build and Demonstrate Your Program
Supported by the TRUSTe Data Privacy Management Platform
Privacy & Data Governance Program Assessment
Questions?
Contact:
Hilary Wandall
hilary@truste.com
Register now for the next webinar in our 2017 Winter/Spring Webinar Series
on April 13, 2017 “Swiss-US Privacy Shield Rollout: What to Expect”
• https://info.truste.com/swiss-us-privacy-shield-rollout-webinar.html
Register now for the next webinar in our 2017 Winter/Spring Webinar Series
on April 27, 2017 “ROI of Privacy: Building a Case for Investment”
• https://info.truste.com/roi-of-privacy-webinar.html
See http://www.truste.com/insightseries for the 2017 Privacy Insight Series
and past webinar recordings.
Thank You!

Contenu connexe

En vedette

TEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkTEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkVolker Hirsch
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShareSlideShare
 
What Makes Great Infographics
What Makes Great InfographicsWhat Makes Great Infographics
What Makes Great InfographicsSlideShare
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeTrustArc
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to KnowTrustArc
 
Standard For Program Management Changes
Standard For Program Management ChangesStandard For Program Management Changes
Standard For Program Management Changesgryasam
 
[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement Priorities[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement PrioritiesTrustArc
 
IT Services Delivery - Program Management Office (PMO)
IT Services Delivery - Program Management Office (PMO)IT Services Delivery - Program Management Office (PMO)
IT Services Delivery - Program Management Office (PMO)VSR *
 
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeBuilding an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeTrustArc
 
Program management skills
Program management skillsProgram management skills
Program management skillsTathagat Varma
 
Project, Program & Portfolio Management
Project, Program & Portfolio ManagementProject, Program & Portfolio Management
Project, Program & Portfolio ManagementAnand Subramaniam
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShareKapost
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareEmpowered Presentations
 

En vedette (13)

TEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of WorkTEDx Manchester: AI & The Future of Work
TEDx Manchester: AI & The Future of Work
 
Getting Started With SlideShare
Getting Started With SlideShareGetting Started With SlideShare
Getting Started With SlideShare
 
What Makes Great Infographics
What Makes Great InfographicsWhat Makes Great Infographics
What Makes Great Infographics
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
 
[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know[Webinar Slides] Privacy Shield is Here – What You Need to Know
[Webinar Slides] Privacy Shield is Here – What You Need to Know
 
Standard For Program Management Changes
Standard For Program Management ChangesStandard For Program Management Changes
Standard For Program Management Changes
 
[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement Priorities[Privacy Webinar Slides] Global Enforcement Priorities
[Privacy Webinar Slides] Global Enforcement Priorities
 
IT Services Delivery - Program Management Office (PMO)
IT Services Delivery - Program Management Office (PMO)IT Services Delivery - Program Management Office (PMO)
IT Services Delivery - Program Management Office (PMO)
 
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTeBuilding an Effective Data Privacy Program – 6 Steps from TRUSTe
Building an Effective Data Privacy Program – 6 Steps from TRUSTe
 
Program management skills
Program management skillsProgram management skills
Program management skills
 
Project, Program & Portfolio Management
Project, Program & Portfolio ManagementProject, Program & Portfolio Management
Project, Program & Portfolio Management
 
Masters of SlideShare
Masters of SlideShareMasters of SlideShare
Masters of SlideShare
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to SlideshareSTOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
 

Plus de TrustArc

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...TrustArc
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...TrustArc
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesTrustArc
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceTrustArc
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfTrustArc
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...TrustArc
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsTrustArc
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsTrustArc
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...TrustArc
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdfTrustArc
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceTrustArc
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023TrustArc
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act:  Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act:  Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining TrustTrustArc
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowTrustArc
 

Plus de TrustArc (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
TrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI InnovationsTrustArc Webinar - TrustArc's Latest AI Innovations
TrustArc Webinar - TrustArc's Latest AI Innovations
 
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
 
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data SecurityTrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
TrustArc Webinar - Privacy in Healthcare_ Ensuring Data Security
 
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
Unlocking AI Potential: Leveraging PIA Processes for Comprehensive Impact Ass...
 
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
Mitigating Third-Party Risks: Best Practices for CISOs in Ensuring Robust Sec...
 
Nymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 StatesNymity Framework: Privacy & Data Protection Update in 7 States
Nymity Framework: Privacy & Data Protection Update in 7 States
 
CBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy ComplianceCBPR - Navigating Cross-Border Data Privacy Compliance
CBPR - Navigating Cross-Border Data Privacy Compliance
 
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdfEverything You Need to Know about DPF But Are Afraid to Ask.pdf
Everything You Need to Know about DPF But Are Afraid to Ask.pdf
 
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
Your Guide to Understanding the Global Privacy Control (GPC): Preparing for C...
 
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and RecommendationsPrivacy Enhancing Technologies: Exploring the Benefits and Recommendations
Privacy Enhancing Technologies: Exploring the Benefits and Recommendations
 
Building Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy CertificationsBuilding Trust and Competitive Advantage: The Value of Privacy Certifications
Building Trust and Competitive Advantage: The Value of Privacy Certifications
 
The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...The California Age Appropriate Design Code Act Navigating the New Requirement...
The California Age Appropriate Design Code Act Navigating the New Requirement...
 
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
2023 Global Privacy Benchmarks Survey - Webinar May 30 2023.pdf
 
Artificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI GovernanceArtificial Intelligence Bill of Rights: Impacts on AI Governance
Artificial Intelligence Bill of Rights: Impacts on AI Governance
 
How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023How To Do Data Transfers Between EU-US in 2023
How To Do Data Transfers Between EU-US in 2023
 
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act:  Using Consumer Data and Maintaining TrustThe Ultimate Balancing Act:  Using Consumer Data and Maintaining Trust
The Ultimate Balancing Act: Using Consumer Data and Maintaining Trust
 
The Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To KnowThe Cost of Privacy Teams: What Your Business Needs To Know
The Cost of Privacy Teams: What Your Business Needs To Know
 

Dernier

Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx2020000445musaib
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxnyabatejosphat1
 
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书Fir L
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaNafiaNazim
 
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueAndrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueSkyLaw Professional Corporation
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书FS LS
 
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书Fs Las
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptjudeplata
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson
 
一比一原版西澳大学毕业证学位证书
 一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书SS A
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxRRR Chambers
 
如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书Fir L
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书E LSS
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...James Watkins, III JD CFP®
 
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULELITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULEsreeramsaipranitha
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxRRR Chambers
 

Dernier (20)

Transferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptxTransferable and Non-Transferable Property.pptx
Transferable and Non-Transferable Property.pptx
 
INVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptxINVOLUNTARY TRANSFERS Kenya school of law.pptx
INVOLUNTARY TRANSFERS Kenya school of law.pptx
 
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书
如何办理新西兰奥克兰商学院毕业证(本硕)AIS学位证书
 
Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in India
 
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
 
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top BoutiqueAndrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
 
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
如何办理伦敦南岸大学毕业证(本硕)LSBU学位证书
 
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
 
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.pptFINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
FINALTRUEENFORCEMENT OF BARANGAY SETTLEMENT.ppt
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
Cleades Robinson's Commitment to Service
Cleades Robinson's Commitment to ServiceCleades Robinson's Commitment to Service
Cleades Robinson's Commitment to Service
 
一比一原版西澳大学毕业证学位证书
 一比一原版西澳大学毕业证学位证书 一比一原版西澳大学毕业证学位证书
一比一原版西澳大学毕业证学位证书
 
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
Sensual Moments: +91 9999965857 Independent Call Girls Vasundhara Delhi {{ Mo...
 
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptxIBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
IBC (Insolvency and Bankruptcy Code 2016)-IOD - PPT.pptx
 
如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书如何办理美国波士顿大学(BU)毕业证学位证书
如何办理美国波士顿大学(BU)毕业证学位证书
 
一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书一比一原版利兹大学毕业证学位证书
一比一原版利兹大学毕业证学位证书
 
The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...The Active Management Value Ratio: The New Science of Benchmarking Investment...
The Active Management Value Ratio: The New Science of Benchmarking Investment...
 
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
Russian Call Girls Rohini Sector 7 💓 Delhi 9999965857 @Sabina Modi VVIP MODEL...
 
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULELITERAL RULE OF INTERPRETATION - PRIMARY RULE
LITERAL RULE OF INTERPRETATION - PRIMARY RULE
 
PPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptxPPT- Voluntary Liquidation (Under section 59).pptx
PPT- Voluntary Liquidation (Under section 59).pptx
 

Privacy Program Management: A Framework for Success [Webinar Slides]

  • 1. 1 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Privacy Program Management: A Framework for Success March 23, 2017
  • 2. 2 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 Today’s Speaker Hilary Wandall General Counsel Chief Data Governance Officer TRUSTe
  • 3. 3 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 • Welcome & Introductions • Policy and Regulatory Origins and Developments • Choosing a Model • Framework for Core Program Elements • 3Ds: Design, Document & Demonstrate • Q&A Today’s Agenda
  • 4. 4 vPrivacy Insight Series - truste.com/insightseries © TRUSTe Inc., 2017 v © TRUSTe Inc., 2017 Policy and Regulatory Origins and Developments
  • 5. Policy and Regulatory Origins
      • OECD Privacy Guidelines – 1980
          – Accountability Principle
      • PIPEDA (Canada) – 2000
          – Accountability Principle
      • APEC Privacy Framework – 2005
          – Accountability Principle
      • CIPL Accountability Project – 2008
      • APEC CBPRs – 2011
      • Canada Privacy Management Program – 2012
      • Revised OECD Privacy Guidelines – 2013
          – Privacy Management Programme
      • EU GDPR – 2016
  • 6. OECD Privacy Guidelines 2013
      • New Part III – Implementing Accountability
          – Establish a Privacy Management Programme
              o Implements requirements of the Guidelines
              o Tailored based on structure, scale, sensitivity and volume of the operations (“risk factors”)
              o Safeguards implemented based on privacy risk assessment
              o Integrated with organizational governance and oversight mechanisms
              o Inquiry and incident response mechanisms
              o Update based on monitoring and periodic assessment
          – Demonstrate the programme to regulators and others responsible for enforcement
  • 7. EU GDPR – Example Provisions
      • Article 5.2 – Controllers are responsible for demonstrating compliance with the principles of:
              o Lawfulness, fairness and transparency
              o Purpose limitation
              o Data minimization
              o Accuracy
              o Storage limitation
              o Integrity and confidentiality
      • Article 24 – Controllers are responsible for implementing organizational and technical measures to ensure and demonstrate that processing is compliant, such as policies and procedures, codes of conduct, or certification
      • Article 39 – Tasks of the DPO – Advice, monitoring compliance, awareness, training, audits
  • 8. Choose a Model
  • 9. Choose a Model
      • Consider organizational structure
          – Where are you headquartered?
          – Centralized versus distributed
          – Is central coordination possible and effective?
          – How do other organizational governance functions operate?
      • Consider functional alignment and coordination
          – Which organizational area is best suited to support sustainable success of the program?
          – Is there a strong executive champion?
          – What levels of cross-functional coordination are needed – strategic vs. tactical?
      • Consider legal requirements, ethical obligations and risk
          – Legal drivers, culture toward ethical and CSR considerations
          – Organizational risk tolerance
  • 10. Aligning Organizational Governance & Oversight
      Legal Regulatory Government Affairs Compliance Ethics CSR IT Data & Records Mgmt. Business Analytics Risk Mgmt. Privacy
  • 11. Aligning Organizational Governance & Oversight
      • Elements of an Effective Ethics and Compliance Program
          – Establish Policies, Procedures and Controls
          – Exercise Effective Compliance & Ethics Oversight
          – Exercise Due Diligence (third party risk)
          – Communicate and Educate Employees
          – Monitor and Audit for Effectiveness
          – Ensure Consistent Rewards and Sanctions
          – Incident Response and Prevention
  • 12. Framework for Core Program Elements
  • 13. Build Your Program – 6 Essential Elements
      • Build: Establish, maintain and evolve an integrated privacy and data governance program aligned with other data management and information risk functions such as security, IP, trade secret protection and e-discovery
      • Integrated Governance: Identify stakeholders. Establish program leadership and governance. Define program mission, vision and goals.
      • Risk Assessment: Identify, assess and classify data-related strategic, operational, legal compliance and financial risks.
      • Resource Allocation: Establish budgets. Define roles and responsibilities. Assign competent personnel.
      • Policies & Standards: Develop policies, procedures and guidelines to define and deploy effective and sustainable governance and controls for managing data-related risks.
      • Processes: Establish, manage, measure and continually improve processes for PIAs, vendor assessments, incident management and breach notification, complaint handling and individual rights management.
      • Awareness & Training: Communicate expectations. Provide general & contextual training.
      • Learn and Evolve Over Time
  • 14. Demonstrate Your Program – 2 Core Standards
      • Monitoring & Assurance: Evaluate and audit effectiveness of controls and risk mitigation initiatives.
      • Reporting & Certification: Demonstrate the value and effectiveness of your program and controls to customers, employees, management, the board of directors, regulators and the public.
      • Demonstrate: Demonstrate program and practices compliance, maturity, responsibility and value to organizational leadership, regulators, customers, other stakeholders through monitoring, assurance, reporting and certification
      • Learn and Evolve Over Time
  • 15. 3Ds: Design, Document, Demonstrate
  • 16. Tools to Build and Demonstrate Your Program: Supported by the TRUSTe Data Privacy Management Platform
  • 17. Privacy & Data Governance Program Assessment
  • 18. Privacy & Data Governance Program Assessment
  • 19. Privacy & Data Governance Program Assessment
  • 20. Privacy & Data Governance Program Assessment
  • 21. Privacy & Data Governance Program Assessment
  • 22. Questions?
  • 23. Contact: Hilary Wandall, hilary@truste.com
  • 24. Register now for the next webinar in our 2017 Winter/Spring Webinar Series on April 13, 2017: “Swiss-US Privacy Shield Rollout: What to Expect”
      • https://info.truste.com/swiss-us-privacy-shield-rollout-webinar.html
      See http://www.truste.com/insightseries for the 2017 Privacy Insight Series and past webinar recordings. Thank You!
  • 25. Register now for the next webinar in our 2017 Winter/Spring Webinar Series on April 27, 2017: “ROI of Privacy: Building a Case for Investment”
      • https://info.truste.com/roi-of-privacy-webinar.html
      See http://www.truste.com/insightseries for the 2017 Privacy Insight Series and past webinar recordings. Thank You!