PRIVACY 101 SETTING UP THE FUNCTION


Evie Kyriakides, Mars, Incorporated
Heather Egan Sussman, McDermott Will & Emery LLP
Mac Macmillan, Hogan Lovells International LLP
March 5, 2014

INTRODUCTION
- Making the case for change
- Building a realistic roadmap
- Successful strategies for tackling global challenges

MAKING THE CASE FOR CHANGE
- Regulatory Compliance
- U.S. State laws, plus federal overlay
- Accountability Principle (European based regimes, PIPEDA, EU Member State requirements)
- Respecting privacy builds consumer trust and brand loyalty (impacts bottom line)
- Effective oversight and internal controls can help mitigate risk of data breaches
- Where breach is unavoidable, helps to mitigate fines, penalties, and reputational damage

ASSESSING CURRENT STATE

DIAGNOSIS: BUILDING A REALISTIC ROADMAP
- One size does not fit all
- Consider company's:
  - Industry
  - Size
  - Geographic coverage
  - Product lines
  - Sensitivity of data processed
  - Culture
- From that, start to scope the function

HOW TO PERFORM A GLOBAL PRIVACY ASSESSMENT
- Consider issues of privilege
- Establish a budget
- Set realistic parameters (think big picture)
- Local counsel in every country?
- Deep dive or high level review?
- Risk-based review?
- Principles-based review?
- Create a work plan

SAMPLE WORK PLAN STRUCTURE
- Preparation
- Gather Organizational Charts
- Identify segments, leadership, and geographic focus
- Complete Due Diligence to understand:
  - Types of personal data processed and where
  - Extent of registrations made
  - Data transfer mechanisms in place
  - What Policies and Procedures exist
  - Scope of Vendor Risk Management
  - Training of workforce
  - Digital properties survey
  - Data breach protocols
- Plan and Execute Interviews
- Evaluation Against Applicable Laws

DOCUMENTING FINDINGS AND RECOMMENDATIONS
- Consider issues of Privilege
- Consider audience and objectives
- How much written content?
- Executive Summary
- Overview of the process
- Overview of Legal Landscape
- Findings in key areas of diligence
- Recommendations based on findings

OPERATIONALIZING THE ASSESSMENT'S FINDINGS

OPERATIONALIZING THE ASSESSMENT'S FINDINGS
- Setting the budget
- Allocating resources (internal/external)
- Establishing priorities
- Assign responsibilities
- Achieving buy-in from Key Stakeholders
- Who?
- When?
- How?

WORK PLAN: SUCCESSFUL STRATEGIES FOR TACKLING GLOBAL CHALLENGES
- Develop heat map based on risk, consider both
  - Geography
  - Subject matter
- Seek out internal privacy champions
- Set realistic goals
- Prioritize projects
- What can be managed globally vs. locally?
- Delegate, delegate, delegate
- Hold team accountable
- Regular contact
- Realistic timelines

TACKLE MANAGEABLE PIECES THAT BUILD UPON ONE ANOTHER
- Data breach protocols
- Training on how to recognize/report
- Training on how to prevent a breach
- Build a governance framework
- Establish senior team
- Empower internal champions
- Ensure training for team
- Address data transfers and registrations
- Develop externally-facing privacy policies
- Develop internally-facing policies
- Accountability mechanism

BENCHMARKING DATA / STRUCTURE OF FUNCTION
Fortune 100 CPGs:
1. 1 GC position responsible for Digital and Privacy - 8 direct reports. Recruiting additional CPO. Separate commercial legal team dealing with IT contracts.
2. 1 CPO with 5 direct reports, 5 Commercial lawyers for IT contracts, 3 Digital Lawyers
3. 1 CPO, approx 30 direct reports. Separate commercial legal team for IT contracts.
4. 1 CPO, approx 10 direct reports. Separate commercial legal team for IT contracts.
5. 1 Senior Digital Lawyer recruiting CPO type role, 8 lawyers reporting into centre on digital issues. Separate commercial legal team for IT contracts.

BENCHMARKING DATA / STRUCTURE OF FUNCTION
Fortune 100 Techs:
1. 1 CPO, 20 direct reports. Separate commercial legal team for IT contracts.
2. 1 GC and CPO, 6 regional lawyers reporting in, recruiting regional DPO for Europe. Separate commercial team for IT contracts.
3. 1 CPO, 30 DP professionals reporting in. Separate commercial team for IT contracts.

LESSONS LEARNED FROM THE TRENCHES
- C-level buy-in is critical to program success
- Everyone has an agenda: some good, some not
- Project management skills help
- You can't have privacy without security
- Cultural nuances play a big role
- Awareness is the foundation for success
- Money can't buy happiness... but it can buy a privacy officer's sanity

WHAT WORKED AND WHAT DIDN'T

TOP 10 TIPS FOR DRIVING SUCCESSFUL CHANGE
1. Robust assessment and diagnosis important
2. Set priorities to meet budgets
3. Benchmark with peers
4. Build internal champions
5. Tackle manageable pieces
6. Let existing culture shape the program
7. Take account of dynamically changing regulatory framework: flexibility is key
8. Communicate changes in digestible pieces
9. Build internal Privacy Resources Center
10. Train, train and then train some more

QUESTIONS?
Evie Kyriakides, Mars, Incorporated: Evie.kyriakides@effem.com
Heather Egan Sussman, McDermott Will & Emery: hsussman@mwe.com
Mac Macmillan, Hogan Lovells International LLP: Mac.macmillan@hoganlovells.com (After April 1)