Develop a Data Privacy Compliance Strategy
With stewardship over personal information comes great responsibility.
Send a friend or colleague a link to this article
Last Revised: October 25, 2010
- Technology has revolutionized the way governments, schools, hospitals, banks, merchants, and other service providers interact with their clients.
- However, the same technology that enables client services also puts client information in the hands of the enterprise, bringing with it legal and ethical obligations which vary by nation, state, and industry.
- This solution set will help IT leadership respond to expectations from the business to develop a privacy strategy by defining IT’s privacy compliance responsibilities.
- The current regulatory environment in the US demonstrates growing intolerance for privacy violators; consequently, privacy is a growing concern for IT leaders.
- Enterprises with a strategy for privacy compliance are far more successful at maintaining the privacy of individuals than those without one, and 80% of IT leaders surveyed either have a privacy strategy or are in the process of developing one.
- IT organizations in the US are catching up to Europe and Canada with respect to managing privacy risks, but still lag in disclosure when it comes to sharing personal data.
- Evolving technologies such as cloud computing and social media are creating even more privacy pressure that needs to be investigated and either accepted, mitigated, or rejected.
Impact and Result
- Understand the basic principles of privacy in order to make informed decisions and develop a dialogue with external stakeholders.
- Analyze the enterprise’s unique exposure to privacy to better comprehend what your strategy must entail.
- Develop a POV on emerging technology issues to better align your privacy strategy with today’s technology.
- Assess the existing process and develop a privacy compliance strategy using Info-Tech’s tools and templates.
- Region of Waterloo
- Maine Coast Memorial Hospital
- 4 other organizations contributed information to assist with the development of this solution set. Due to the sensitivity of the information, all contributors requested confidentiality.
Get the Complete Storyboard
See how all the steps you need to take come together, with tools and advice to help with each task on your list.Download Now
Get to Action
Best Practices Toolkit
Develop a data privacy compliance strategy.
Align IT with ethical and legal privacy requirements.
Understand how cloud computing, social media, and mobile devices affect the privacy compliance strategy.
Communicate a POV on new technology to stakeholders.
Assess current privacy compliance gaps.
Fill compliance gaps in the organization’s privacy strategy.
Demonstrate organizational commitment to privacy.
Communicate your policy to Website visitors.
Comply with privacy legislation.
Develop a Social Media policy.
Manage privacy risks associated with social media.
Work privacy requirements into vendor contracts.
Hold vendors accountable for maintaining privacy.
Check off privacy requirements for all projects.
Incorporate privacy principles into all IT projects.
Talk to an Analyst
Each of our solution sets include information, tools and templates to help you complete a project on your own. However, if you want extra help, our silver and gold memberships include phone access to our analysts. Analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.
- Book an Analyst Call on this topic. You can start as early as tomorrow morning. Our analysts will explain the process in your first call.
- Get advice from a subject matter expert. Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and setting the direction for your next project step.
Create a Formal Risk Management Strategy
Mitigate Internal Risks & Achieve Compliance with Internal Controls
Develop an Information Governance Strategy
Develop a Strategy for PCI DSS Compliance
Develop a Data Privacy Compliance Strategy
Vendor Landscape: eGRC Solutions
Optimize Security Operations without Overspending
Cut PCI Compliance and Audit Costs in Half
Implement and Execute a Security Risk Management Program