- Data privacy is increasingly becoming a requirement of every organization.
- Privacy and IT leaders continue to struggle to develop strong privacy programs despite looming regulatory pressure.
- IT leaders must translate legal obligations into actionable guidance for the organization.
Our Advice
Critical Insight
- Establish a comprehensive organization-wide privacy program using a MICAS (measurable, integrated, consistent, actionable, and scalable) approach.
- Operationalize your data protection initiatives and comply with applicable privacy regulations in the most cost-effective way.
Impact and Result
- Privacy and IT leaders need to see privacy as more than just compliance, but rather as a driver of business efficiency.
- Partner with the business by speaking their language and providing tools they can understand and implement.
- Create privacy policies and standards that are established with respect to how information is collected, processed, shared, and protected within the organization's data lifecycle.
- Establish a holistic and integrated privacy program by employing a phased approach.
Member Testimonials
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
9.7/10
Overall Impact
$20,713
Average $ Saved
15
Average Days Saved
Client
Experience
Impact
$ Saved
Days Saved
Centennial College
Guided Implementation
10/10
$23,500
20
Very timely insight and materials received
Canadian Wildlife Federation
Guided Implementation
9/10
$10,000
5
Safayat, has provided excellent supports with regards to our corporate privacy program development and supports!
Fidelity Investments Canada ULC
Guided Implementation
10/10
N/A
10
Alan is always extremely informative during our technical analyst calls to provide us with real company, practical insights that can help us expedi... Read More
Packaging Machinery Manufacturers Institute
Guided Implementation
9/10
$2,599
2
Environmental Defense Fund, Incorporated
Guided Implementation
10/10
$64,999
50
Helmerich & Payne, Inc.
Guided Implementation
10/10
$2,469
2
Workshop: Mature Your Privacy Operations
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Readiness Assessment, Risk Management, and Transparency
The Purpose
Assess current maturity, identify program gaps, and develop a data protection impact assessment (DPIA) process.
Key Benefits Achieved
- List of gap-closure initiatives
- DPIA process
Activities
Outputs
Assess the overall privacy readiness level
- Privacy readiness assessment report
Identify gaps and mitigating controls
Review and develop a DPIA process
- DPIA process
Understand core components of a privacy notice
Review and develop privacy notices
- Privacy notices
Module 2: Data Classification and Data Retention
The Purpose
Learn how to classify data based on its sensitivity and how long to retain these records to support business needs and maintain compliance obligations.
Key Benefits Achieved
- Data classification scheme
- Data retention schedule
Activities
Outputs
Discuss and develop data classification policy
- Data classification policy
Review and develop data classification scheme
- Data classification scheme
Review and develop data classification handling standard
- Data classification handling standard
Review and develop data retention policy
- Data retention policy
Review and develop data retention schedule
- Data retention schedule
Module 3: Third-Party Management and Cross-Border Data Transfer
The Purpose
Determine data processing requirements and choose an appropriate data transfer mechanism for your organization.
Key Benefits Achieved
- Data processing agreement
- Appropriate means for cross-border data transfer
Activities
Outputs
Understand core components of a data processing agreement
Review and develop a data processing agreement
- Data processing agreement
Understand common cross-border transfer mechanisms
Review and develop your standard contractual clauses
- Standard contractual clauses
Module 4: Implement and Operationalize
The Purpose
Set a process for data subject access requests (DSARs) and formalize your report of work completed so far.
Key Benefits Achieved
- DSAR process
- Presentable report detailing privacy program improvements
Activities
Outputs
Understand data subject rights (DSRs) and legal obligations
Review and develop a DSAR process
- DSAR process
Input all outputs from Modules 1-3 into the Data Privacy Report
- Completed Data Process Mapping Tool
Summarize and build an executive presentation
- Review of any outstanding privacy collateral
- Data Privacy Program Report presentation
Set checkpoints to drive continuous improvement
Module 5: Next Steps and Wrap-Up (offsite)
The Purpose
Finalizae all completed deliverables.
Key Benefits Achieved
- Completed set of deliverables to support the maturation of your privacy program
Activities
Outputs
Consolidate and schedule any outstanding business unit interviews
Complete in-progress deliverables from previous four modules
Set up a time to review workshop deliverables and discuss next steps