As mentioned in the prior post in this series, a strategically developed privacy program can help support companies in a rapidly changing legislative and enforcement environment. As part of taking a strategic approach, companies attempting to create a right-sized privacy program will want to customize their program to their company. Privacy and data security laws place bespoke obligations on companies. Privacy notices need to describe the company’s practices. Data security laws anticipate policies that are designed for the risks that the company faces.
Continue Reading Elements of Right-Sized Privacy Program: Customized
privacy compliance
Developing a Right-Sized Privacy Program
By Liisa Thomas on
Posted in Privacy Management
Later this week, January 28, 2021 will mark International Privacy Day: a day corporations release educational efforts around privacy and data protection. There are many reasons to approach privacy proactively in 2021: (1) January 28 will mark the second week of a new US administration, one which will likely focus more on privacy and data security; and (2) laws and enforcement in this area continue to change and develop, as we reported last year. With this in mind, privacy and data security practitioners may find themselves behind with reactive approaches. Reactivity is also costly, both monetarily and resource-use wise.
Continue Reading Developing a Right-Sized Privacy Program