Security icon

Build a Privacy Program

Your personal data is showing.

Get Instant Access to this Blueprint

View Storyboard

Solution Set Storyboard Thumbnail


  • Brendan McCann, IT Security Manager, Epson Europe B.V.

Your Challenge

  • Privacy has become a hot-button issue for many organizations, with the introduction of the General Data Protection Regulation (GDPR) from the EU and the California Consumer Privacy Act (CCPA).
  • The mishandling of personal data can result in serious financial consequences or reputational damage.
  • Customers are becoming increasingly privacy-aware, with many demanding that the companies they engage with have demonstrable privacy practices.

Our Advice

Critical Insight

  • Most organizations have never operated with a privacy-first perspective – meaning that there are many gaps in the process to ensure personal data is handled appropriately.
  • Organizations may think the security they have in place is sufficient to meet their privacy requirements, but privacy and security are two different functions.
  • Operating with privacy first will reduce your sales cycle, increase employee effectiveness, and increase competitive advantage.
  • Privacy should not be seen as a burden to organizations but instead as an opportunity. With a privacy program in place, you can meet customer demands while also working to better prevent and handle data breaches.

Impact and Result

  • Don’t wait until a privacy incident occurs to force action – start building a privacy program now.
  • Integrating privacy into the organization will ensure that personal data is only being collected for legitimate reasons while also helping to minimize the impact of a potential breach.
  • Further, it will push the organization forward in terms of efficiency and customer trust, as there is growing privacy demand from all types of customers.
  • Use Info-Tech’s Privacy Framework to understand your current state of privacy and to define what the target state looks like for the organization.

Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why you should build a privacy program, review Info-Tech’s methodology, and understand the four ways we can support you in completing this project.

1. Collect privacy requirements

Document what is driving you to build a privacy program, while determining the best privacy governance structure.

2. Conduct a privacy gap analysis

Use Info-Tech’s Privacy Framework to evaluate current gaps and build a roadmap for the future.

Guided Implementations

This guided implementation is a six call advisory process.

Guided Implementation #1 - Collect privacy requirements

Call #1 - Discuss different privacy organizational structures and determine best fit.
Call #2 - Document and discuss the requirements for the privacy program.

Guided Implementation #2 - Conduct a privacy gap analysis

Call #1 - Use Info-Tech’s Privacy Framework to identify and evaluate gaps within the organization.
Call #2 - Discuss critical initiatives and prioritize accordingly.

Guided Implementation #3 - Begin implementing the privacy program

Call #1 - Begin customizing some privacy program documents.
Call #2 - Discuss techniques to maintain the privacy program for the future.

Search Code: 87770
Published: February 27, 2019
Last Revised: February 27, 2019