Develop a Data Privacy Compliance Strategy
With stewardship over personal information comes great responsibility.
RETIRED CONTENT: Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.
- Technology has revolutionized the way governments, schools, hospitals, banks, merchants, and other service providers interact with their clients.
- However, the same technology that enables client services also puts client information in the hands of the enterprise, bringing with it legal and ethical obligations which vary by nation, state, and industry.
- This solution set will help IT leadership respond to expectations from the business to develop a privacy strategy by defining IT’s privacy compliance responsibilities.
- The current regulatory environment in the US demonstrates growing intolerance for privacy violators; consequently, privacy is a growing concern for IT leaders.
- Enterprises with a strategy for privacy compliance are far more successful at maintaining the privacy of individuals than those without one, and 80% of IT leaders surveyed either have a privacy strategy or are in the process of developing one.
- IT organizations in the US are catching up to Europe and Canada with respect to managing privacy risks, but still lag in disclosure when it comes to sharing personal data.
- Evolving technologies such as cloud computing and social media are creating even more privacy pressure that needs to be investigated and either accepted, mitigated, or rejected.
Impact and Result
- Understand the basic principles of privacy in order to make informed decisions and develop a dialogue with external stakeholders.
- Analyze the enterprise’s unique exposure to privacy to better comprehend what your strategy must entail.
- Develop a POV on emerging technology issues to better align your privacy strategy with today’s technology.
- Assess the existing process and develop a privacy compliance strategy using Info-Tech’s tools and templates.
- Region of Waterloo
- Maine Coast Memorial Hospital
- 4 other organizations contributed information to assist with the development of this solution set. Due to the sensitivity of the information, all contributors requested confidentiality.
Get to Action
Develop a data privacy compliance strategy.
Align IT with ethical and legal privacy requirements.
Understand how cloud computing, social media, and mobile devices affect the privacy compliance strategy.
Communicate a POV on new technology to stakeholders.
Assess current privacy compliance gaps.
Fill compliance gaps in the organization’s privacy strategy.
Demonstrate organizational commitment to privacy.
Communicate your policy to Website visitors.
Comply with privacy legislation.
Develop a Social Media policy.
Manage privacy risks associated with social media.
Work privacy requirements into vendor contracts.
Hold vendors accountable for maintaining privacy.
Check off privacy requirements for all projects.
Incorporate privacy principles into all IT projects.