Build a Data Privacy Program
Take out data privacy’s grey areas with a quantitative approach to your program.
Book This Workshop
Privacy is often shrouded in grey areas and considered a taxing project that the organization just doesn’t have the time or resourcing to properly tackle.
- No one wants to invite privacy to the table; business units fear the impact that integrating privacy will have on their current operating model.
- Yet, everyone fears the very real possibility of a data breach and understands that data privacy is a “necessary evil.”
- Shift the organizational perspective of privacy as an inhibitor of business success to an enabler that provides a competitive efficiency advantage.
Create a clear path toward privacy by taking a quantitative, risk-based approach.
- Use a phase-by-phase, cumulative approach to building a data privacy program.
- Complete a set of tactical deliverables that give you an understanding of the lifecycle of personal data in your organization.
- Establish metrics and implementation plan to make the data privacy program operational.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Book NowModule 1: Collect Privacy Requirements
The Purpose
- Understand the key drivers behind privacy in your operating context and begin to assign ownership.
Key Benefits Achieved
- Level-setting between IT and the business with respect to privacy best practices.
- High-level understanding of risk associated with personal data collected by the organization.
| Activities: | Outputs: | |
|---|---|---|
| 1.1 | Define and document program drivers. |
|
| 1.2 | Establish privacy governance structure and define scope. |
|
| 1.3 | Build privacy RACI chart. |
|
| 1.4 | Build the risk map. |
|
Module 2: Conduct a Privacy Gap Analysis
The Purpose
- Connect with each of the business units with respect to current privacy practices and gain insight into how personal data is handled throughout the organization.
Key Benefits Achieved
- Alignment with business unit privacy champions
- Understanding of current state of privacy in the organization
- Uncovered gaps in the organization’s privacy practices
| Activities: | Outputs: | |
|---|---|---|
| 2.1 | Conduct interviews and complete Data Mapping Tool. |
|
| 2.2 | Compare compliance and regulatory requirements with current privacy practices of the organization. |
|
| 2.3 | Identify gap areas. |
|
| 2.4 | Review the DPIA process and identify whether threshold assessment or full DPIA is required. |
|
Module 3: Build the Privacy Roadmap
The Purpose
- Ensure that the privacy program is functional and caters to the environment assessed over days 1 and 2 by building a custom-fit privacy initiative implementation roadmap.
Key Benefits Achieved
- Quantitative prioritization of each of the privacy gap closing initiatives
- High-level initiative implementation roadmap
| Activities: | Outputs: | |
|---|---|---|
| 3.1 | Complete business unit gap analysis; consolidate inputs from day 2 interviews. |
|
| 3.2 | Apply variables to privacy initiatives. |
|
| 3.3 | Create a visual privacy roadmap. |
|
| 3.4 | Define and refine the effort map; validate costing and resourcing. |
|
Module 4: Implement and Operationalize
The Purpose
This portion of the workshop ensures that the privacy program can be put into action and moves beyond static policies to foster the integration of privacy metrics across the organization.
Key Benefits Achieved
A full set of privacy metrics, as well as tactics to implement and monitor on an ongoing basis.
| Activities: | Outputs: | |
|---|---|---|
| 4.1 | Review outputs from days 1-3. |
|
| 4.2 | Review Info-Tech’s privacy metrics and select relevant metrics for the privacy program. |
|
| 4.3 | Operationalize metrics. |
|
| 4.4 | Input all outputs from days 1-3 into the Data Privacy Report. |
|
| 4.5 | Summarize and build an executive presentation. |
|
| 4.6 | Set checkpoints and drive continuous improvement. |
|
Module 5: Next Steps and Wrap-Up (Offsite)
The Purpose
Ensure privacy program is functional and any final aspects are included in the report back to senior leadership team.
Key Benefits Achieved
Strategic alignment of the privacy program and its objectives with those of the business and senior leadership.
| Activities: | Outputs: | |
|---|---|---|
| 5.1 | Consolidate and schedule any outstanding business unit interviews. |
|
| 5.2 | Complete in-progress deliverables from previous four days. |
|
| 5.3 | Set up review time for workshop deliverables to discuss next steps. |
|
| 5.4 | Operationalize metrics. |
|