Scribd Logo
Upload

Welcome to Scribd!

  • Building A Privacy Governance Program - TRUSTe Privacy Webinar

    Uploaded by

    TrustArc
    29 views16 pages
    Many organizations are struggling with where to start with securing their enterprise — so some don’t, or worse yet, take expensive action that has little impact. Consumers freely share their personal information with businesses, governments, individuals and on social media platforms expecting progressive, personalized services while demanding and deserving privacy and control of their personal information. Read the webinar slides to explore the essential common elements of an effective data protection program and some tips for getting your program up and running quickly. Register NOW to watch the full webinar here: https://info.truste.com/building-privacy-governance-program-webinar.html To register for other upcoming TRUSTe Webinars (upcoming/on-demand) visit: https://www.truste.com/events/privacy-insight-webinar-schedule/

    Original Title

    Building a Privacy Governance Program | TRUSTe Privacy Webinar

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Many organizations are struggling with where to start with securing their enterprise — so some don’t, or worse yet, take expensive action that has little impact. Consumers freely share their personal information with businesses, governments, individuals and on social media platforms expecting progressive, personalized services while demanding and deserving privacy and control of their personal information. Read the webinar slides to explore the essential common elements of an effective data protection program and some tips for getting your program up and running quickly. Register NOW to watch the full webinar here: https://info.truste.com/building-privacy-governance-program-webinar.html To register for other upcoming TRUSTe Webinars (upcoming/on-demand) visit: https://www.truste.com/events/privacy-insight-webinar-schedule/

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    29 views16 pages

    Building A Privacy Governance Program - TRUSTe Privacy Webinar

    Uploaded by

    TrustArc
    Many organizations are struggling with where to start with securing their enterprise — so some don’t, or worse yet, take expensive action that has little impact. Consumers freely share their personal information with businesses, governments, individuals and on social media platforms expecting progressive, personalized services while demanding and deserving privacy and control of their personal information. Read the webinar slides to explore the essential common elements of an effective data protection program and some tips for getting your program up and running quickly. Register NOW to watch the full webinar here: https://info.truste.com/building-privacy-governance-program-webinar.html To register for other upcoming TRUSTe Webinars (upcoming/on-demand) visit: https://www.truste.com/events/privacy-insight-webinar-schedule/

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 16

    Building a Privacy Governance

    Program
    October 21, 2016

    Privacy Insight Series


    - truste.com/insightseries
    v

    TRUSTe Inc., 2016


    1
    TRUSTe Inc., 2016

    Todays Speakers
    Michelle Fleury,
    Senior Director, Supply Chain Operations,
    Cisco

    Patrick Curry,
    Director, Privacy and Compliance,
    McKesson

    Eleanor Treharne-Jones (Moderator)


    Vice President Consulting
    TRUSTe

    Privacy Insight Series


    - truste.com/insightseries
    v

    2
    TRUSTe Inc., 2016

    Todays Agenda

    Welcome & Introductions


    Understanding the Role of Data in Corporate
    Strategy
    Building Data Protection Programs
    Steps for Rapid Deployment
    Q&A

    Privacy Insight Series


    - truste.com/insightseries
    v

    3
    TRUSTe Inc., 2016

    Privacy Insight Series


    - truste.com/insightseries
    v

    4
    TRUSTe Inc., 2016

    Ciscos Strategy
    #DigitalBusiness Depends on #Data

    Intellectual
    Property
    Deal
    Prospects
    Corporate
    Strategy

    Support Data
    Product
    Roadmaps
    Customer Sat
    Ratings

    Key Activities

    Relationships

    Employee
    Information

    Sales Records

    Trade Secrets
    Brand Strategy

    Pricing Details
    Discount
    Rates
    Customers

    Strategic Partners

    Key Resources

    Privacy Insight Series


    - truste.com/insightseries
    v

    Distribution Channels

    The Business Model Canvas by @strategyzer

    5
    TRUSTe Inc., 2016

    180+ Years in Health Care

    Privacy Insight Series


    - truste.com/insightseries
    v

    6
    TRUSTe Inc., 2016

    Healthcare Trends

    Innovation
    `
    Cost Containment

    Chronic
    Diseases

    Global Shift in
    Demographics
    Ongoing growth in 65+ years1

    Consolidation

    Regulatory
    Change

    Diabetes - worldwide: 55%


    percent increase by 20352

    Value-Based Care
    2/3 of the market by

    20203

    Rise of `
    Consumerism

    Patient-centered model = Health data for millions of patients


    110

    Projections for the Global Population in 2050, Pew Research Center, Feb. 2, 2014. 22014 IDF Diabetes Atlas, International Diabetes
    Foundation. 3The State of Value-Based Reimbursement and the Transition from Volume to Value in 2014, McKesson Health Solutions, 2014.

    Privacy Insight Series


    - truste.com/insightseries
    v

    7
    TRUSTe Inc., 2016

    Strategic Considerations

    Legal
    Obligations

    Customer &
    Market Expectations

    Competitive
    Differentiation

    Risk Landscape

    Ciscos Data Protection Program


    8

    Privacy Insight Series


    - truste.com/insightseries
    v

    8
    TRUSTe Inc., 2016

    Guiding Principles

    Involve the
    Business in the
    Program

    Leverage Your
    Operational
    Strengths

    Privacy Insight Series


    - truste.com/insightseries
    v

    Manage Complexity
    and Ambiguity
    through Iteration

    9
    TRUSTe Inc., 2016

    Ciscos Data Protection Program

    Policies and
    Standards

    Oversight and
    Enforcement

    Identification and
    Classification

    Privacy by Design &


    Intl Privacy Policy

    Privacy Insight Series


    - truste.com/insightseries
    v

    Data Risk and


    Organizational Maturity

    Incident
    Response

    Security by Design &


    Data Loss Prevention

    Awareness and
    Education

    10
    TRUSTe Inc., 2016

    McKesson US Pharmaceuticals Privacy Program


    Based on Federal Sentencing
    Guidelines/HHS OIG guidance

    GRC-based; process
    harnessed for privacy, IT
    security risk
    PHI is king: Priority to
    regulatory & legal obligations

    Program
    Governance &
    Resources
    Risk
    Assessment

    Policies &
    Procedures

    Enforcement,
    Discipline &
    Incentives

    Communications

    Helps coordinate multi-faceted


    approach
    Provides functional backdrop
    and process for analysis for
    considerations of choice, data
    use, consent, collection, etc.

    Privacy Insight Series


    - truste.com/insightseries
    v

    Investigations
    & Response

    Training

    Monitoring

    11
    TRUSTe Inc., 2016

    McKesson case example: Programmatic PIA


    Observation: risk of changes to data
    use without review
    Follow the circle:

    Program
    Governance
    & Resources
    Risk
    Assessment

    Policies &
    Procedures

    What structures need to be in place


    Who owns / manages the process
    What policies / procedures are needed

    Enforcement

    Awareness

    Who needs to know what about the


    updates to the process
    How do we know the process is
    effective?

    Investigation
    & Response

    Training

    Monitoring

    What do we do if people dont follow the


    rules?

    Outcome: stable and documented process; general awareness of


    goals and changes; auditable framework
    Privacy Insight Series
    - truste.com/insightseries
    v

    12
    TRUSTe Inc., 2016

    Steps for Rapid Deployment of a DPP

    Form a multi-disciplinary team,


    including Privacy and Security

    Inventory your data

    Assess your organizations

    Choose a program framework and


    set goals

    start with
    high-risk categories & PII

    data protection maturity

    Privacy Insight Series


    - truste.com/insightseries
    v

    Collect and connect capabilities

    Identify and prioritize most

    Take agile approach to

    Get the word out

    and processes

    significant gaps
    address
    gaps wise to iterate
    people as
    important as technology

    13
    TRUSTe Inc., 2016

    Questions?

    Privacy Insight Series


    - truste.com/insightseries
    v

    TRUSTe Inc., 2016


    14
    TRUSTe Inc., 2016

    Contacts
    Michelle Fleury
    Patrick Curry
    Eleanor Treharne-Jones

    Privacy Insight Series


    - truste.com/insightseries
    v

    mfleury@cisco.com
    Patrick.Curry@McKesson.com
    eleanor@truste.com

    TRUSTe Inc., 2016


    15
    TRUSTe Inc., 2016

    Thank You!
    Details of our 2016 Summer/Fall Webinar Series are now available. Register
    now for our next webinar on November 10 Understanding new EU
    Guidance on DPIA/PIA requirements

    See http://www.truste.com/insightseries for the 2016 Privacy Insight Series


    and past webinar recordings.
    TRUSTe Inc., 2016
    v
    16
    Privacy Insight Series
    truste.com/insightseries
    v
    TRUSTe Inc., 2016

    You might also like