Welcome to Scribd!

Managing Privacy in A Global Organization: Stewart Dresner

Uploaded by

0% found this document useful (0 votes)

17 views9 pages

Managing Privacy in a global organization by steven dresner. Fundamental differences between US, Europe and Asia. Implementation requires a balance between a legally correct policy and everyday procedures. Key to success is the ability of the CPO to make privacy policy compatible with the corporate culture.

Original Description:

Original Title

5_06_1

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

17 views9 pages

Managing Privacy in A Global Organization: Stewart Dresner

Uploaded by

solidvanz

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 9

Search inside document

Managing Privacy in a Global Organization

Stewart Dresner
Chief Executive, Privacy Laws & Business
5th floor, Raebarn House, 100, Northolt Road, Harrow, Middlesex, HA2 0BX, United Kingdom Tel: + 44 208 423 1300 Fax: + 44 208 423 4536 E-mail stewart@privacylaws.com

www.privacylaws.com

Contents
1. Fundamental differences between US, Europe and Asia
2. Implementation requires a balance between a legally correct policy and everyday procedures 3. Staff training 4. Credible privacy audits

5. Penalties and sanctions

6. Integrating privacy into your business strategy

Fundamental differences US/Europe

1. European law/rights based privacy compared with US transaction/sectoral approach. 2. Frustration when IT systems cannot be used as intended - often alternative legal approach after discussion 3. Need to understand the European Unions approach and the Member States differences 4. Success = balancing details and the big picture

Implementation: A balance between a legal policy and everyday procedures

1. Key to success is the ability of the CPO to make privacy policy compatible with the corporate culture 2. Why legal advice is necessary but not sufficient

3. Legal advice may be correct but must be in plain language to be really useful
4. Some legal advice may be too cautious

5. Advice relevant to each department/level of staff?

6. How do you know?

Staff awareness and training

1. All managers and staff handling personal data 2. Relevant messages in their operational context 3. All staff dealing with customers and prospects 4. Check messages understood and implemented 5. Advantages and disadvantages of internal/

external training provider

6. Training needs to be repeated and updated 7. Managing privacy is never a quick fix

Why Audit?
The key reasons for carrying out audit activities are: 1. To assess the level of compliance with national privacy laws 2. To assess the level of compliance with the organizations own privacy compliance system 3. To identify potential gaps and weaknesses in the privacy law system 4. To provide information for a privacy compliance system review

What should you audit?

1. Retention - appropriate weeding and deletion of information 2. Documentation on authorised use of systems, e.g. codes of practice, guidelines etc. 3. Compliance with individuals rights, such as right of access to information 4. Compliance with privacy laws in the context of other pieces of legislation such as human rights laws and freedom of information laws

Penalties and sanctions

1. Enforcement by privacy regulators - criminal law 2. Civil suits for damage and distress 3. Negative publicity from media coverage - loss of consumer confidence 4. Withdrawal of privacy seals 5. Opportunity cost of having not taken privacy seriously and consequences for future marketing

Integrating privacy into business strategy

1. CPO can try to influence top management parallel with environmental issues 2. Stress the positive aspects of privacy 3. Transforming risk assessment into everyday compliance with privacy laws 4. Privacy as a competitive advantage 5. Integrating privacy into your business strategy - Brand value - Reputation

Bereket H - M
Document24 pages
Bereket H - M
Hailemickael Gulanta
No ratings yet
Challenges and Recommendation
Document2 pages
Challenges and Recommendation
Rakibul_Hossain_Chowdhury
No ratings yet
Jamainis Makim Handling Information in Care Settings
Document2 pages
Jamainis Makim Handling Information in Care Settings
loryn TECH
No ratings yet
Sample Data Management Policy Structure 1
Document9 pages
Sample Data Management Policy Structure 1
williamsidharta
No ratings yet
Chapter 3
Document7 pages
Chapter 3
Alyssa Berangberang
No ratings yet
GDPR - Standard Data Protection System In 16 Steps
From Everand
GDPR - Standard Data Protection System In 16 Steps
Paweł Mielniczek
No ratings yet
Information Security Policies
Document2 pages
Information Security Policies
gyda
No ratings yet
CIPM Exam Reviewer
Document48 pages
CIPM Exam Reviewer
lmcs.pacificcross
No ratings yet
Conducting A Privacy Audit
Document3 pages
Conducting A Privacy Audit
Michael L Whitener
No ratings yet
ERMCD14 01 Data Privacy and Security Manual
Document29 pages
ERMCD14 01 Data Privacy and Security Manual
Hiraeth Weltschmerz
No ratings yet
Emerging
Document8 pages
Emerging
Sani Mohammed
No ratings yet
Lecture 3
Document65 pages
Lecture 3
omardshyc
No ratings yet
Policy Compliance Foundation Course
Document6 pages
Policy Compliance Foundation Course
AJ
No ratings yet
Research Mid Term
Document10 pages
Research Mid Term
Brady Shiplet
No ratings yet
Social and Profeesional Issues 2
Document43 pages
Social and Profeesional Issues 2
albert fernandez
No ratings yet
CIPS
Document7 pages
CIPS
Muhammad Sohail Ismail
No ratings yet
GDPR Data Protection Policy
Document2 pages
GDPR Data Protection Policy
Gajanan Pilatre
No ratings yet
Engaging Activities 2
Document3 pages
Engaging Activities 2
daniela aquino
No ratings yet
Chapter 2 - Computer Ethics
Document14 pages
Chapter 2 - Computer Ethics
Joey Cereno
No ratings yet
Information Security Policies and Procedures: Corporate Policies-Tier 1, Tier 2 and Tier3 Policies
Document42 pages
Information Security Policies and Procedures: Corporate Policies-Tier 1, Tier 2 and Tier3 Policies
Sanskrithi Tiger
No ratings yet
ANSWER Key
Document3 pages
ANSWER Key
lmcs.pacificcross
No ratings yet
Information Policy - Assignment
Document2 pages
Information Policy - Assignment
zira jerry
No ratings yet
All in One
Document2 pages
All in One
Rakibul_Hossain_Chowdhury
No ratings yet
GDPR Compliance Checklist
Document2 pages
GDPR Compliance Checklist
Gajanan Pilatre
No ratings yet
Emerging Tech Chap 6 Note
Document11 pages
Emerging Tech Chap 6 Note
Rami Muzemil
No ratings yet
Diana Kelley Part 2
Document45 pages
Diana Kelley Part 2
Ankit Yadav
No ratings yet
Implications For Practice: What Should Managers Do?
Document1 page
Implications For Practice: What Should Managers Do?
ajay_5284
No ratings yet
Unit-2 IPRIT
Document6 pages
Unit-2 IPRIT
Mohd Nadeem
No ratings yet
US Department of Commerce - Commerce Data Ethics Framework (2022)
Document9 pages
US Department of Commerce - Commerce Data Ethics Framework (2022)
mersenne2
No ratings yet
GDPR-standard data protection staff training: What employees & associates need to know by Dr Paweł Mielniczek
From Everand
GDPR-standard data protection staff training: What employees & associates need to know by Dr Paweł Mielniczek
Paweł Mielniczek
No ratings yet
Information Security-Assignment #04
Document7 pages
Information Security-Assignment #04
maidah sabir
No ratings yet
Research and Comply With Regulatory Requirements - in Class Assessment 2
Document17 pages
Research and Comply With Regulatory Requirements - in Class Assessment 2
Phuong Dung
No ratings yet
The Importance of Information Security
Document2 pages
The Importance of Information Security
Saurabh Singhal
No ratings yet
General Data Protection Regulation (GDPR)
Document14 pages
General Data Protection Regulation (GDPR)
Arushi Johri
No ratings yet
Popi Act
Document7 pages
Popi Act
cxzy.exe
No ratings yet
Procedural Justice & Ethics in Employee Relations
Document27 pages
Procedural Justice & Ethics in Employee Relations
Elizabeth Alexandria Lauren
No ratings yet
Work Immersion Module 4
Document4 pages
Work Immersion Module 4
pattiffanylorenzo278
No ratings yet
Plumbing Lesson
Document4 pages
Plumbing Lesson
Reolito bolando
No ratings yet
GDPR Implementation The Requirements To Achieve Full Compliance
Document22 pages
GDPR Implementation The Requirements To Achieve Full Compliance
kentmultan
100% (1)
Tourism
Document2 pages
Tourism
Arrah Porras
No ratings yet
Chapter 3 Bcs
Document5 pages
Chapter 3 Bcs
Shella Frankera
No ratings yet
Module 6 EET
Document27 pages
Module 6 EET
Pratheek Poojary
No ratings yet
Professional Ethics
Document42 pages
Professional Ethics
rockers91
No ratings yet
Rohit
Document75 pages
Rohit
Robin Palan
No ratings yet
Contribute To Privacy Policy Worksheet
Document4 pages
Contribute To Privacy Policy Worksheet
Pramit Patrick
100% (1)
Cle Unit - 3 PDF
Document31 pages
Cle Unit - 3 PDF
Yugal Singam
No ratings yet
The 12 Elements of An Information Security Policy - Reader View
Document7 pages
The 12 Elements of An Information Security Policy - Reader View
Honey Dhaliwal
No ratings yet
G D P R: Eneral ATA Rotection Egulation
Document7 pages
G D P R: Eneral ATA Rotection Egulation
Ashish Sandapu
No ratings yet
Data Protection Breach Management Policy
Document6 pages
Data Protection Breach Management Policy
Jamie Del Castillo
No ratings yet
Ethics & Professionalism Emerging Technologies: by Habtamu W
Document40 pages
Ethics & Professionalism Emerging Technologies: by Habtamu W
Mohammed Abdurhaman
No ratings yet
Compliance Definition
Document3 pages
Compliance Definition
anamika2023
100% (2)
Assignment 1
Document2 pages
Assignment 1
Eldronado Phase 1
No ratings yet
Personal Data Protection Act 2010 & 2015 (PDPA)
Document8 pages
Personal Data Protection Act 2010 & 2015 (PDPA)
Rohan
No ratings yet
Disclosure and Instant Messaging Apps
Document5 pages
Disclosure and Instant Messaging Apps
natalia.cama94
No ratings yet
CSS L-5
Document6 pages
CSS L-5
Utkarsh Singh Magarauthiya
No ratings yet
Ethics and Business Ethics
Document4 pages
Ethics and Business Ethics
Eljey Eushe F. Soriano
No ratings yet
Data Protection in Practice: IMY Report 2023:1
Document38 pages
Data Protection in Practice: IMY Report 2023:1
Kobi
No ratings yet
IAPP CIPP/US Certification A Practical Study Guide to Master the Certified Information Privacy Professional Exam
From Everand
IAPP CIPP/US Certification A Practical Study Guide to Master the Certified Information Privacy Professional Exam
Jamie Murphy
No ratings yet
Information Governance Policy: 1. Contents
Document6 pages
Information Governance Policy: 1. Contents
PRADEEP JUVVADI
No ratings yet
Cipl Recommendations On Transparency Consent and Legitimate Interest Under The GDPR - 19 May 2017-c
Document34 pages
Cipl Recommendations On Transparency Consent and Legitimate Interest Under The GDPR - 19 May 2017-c
maslinovik5003
No ratings yet
3063 Business Model Canvas Template
Document5 pages
3063 Business Model Canvas Template
dinda syafira
No ratings yet
Unit II - HRM
Document23 pages
Unit II - HRM
Akriti Srivastava
No ratings yet
NIST Privacy Framework To CCPA-CPRA Crosswalk
Document9 pages
NIST Privacy Framework To CCPA-CPRA Crosswalk
Spit Fire
No ratings yet
1.GB - PRINCE2 Foundation Exam - Sample Paper 2 - January 13 Release
Document26 pages
1.GB - PRINCE2 Foundation Exam - Sample Paper 2 - January 13 Release
silverdigi777
No ratings yet
Print These 4 Pages of Your Downloaded Document
Document7 pages
Print These 4 Pages of Your Downloaded Document
Anaeli Gayoso
No ratings yet
Data Center Operation Manager
Document4 pages
Data Center Operation Manager
khalid.mallick7258
No ratings yet
Accountability and Public Expenditure Management in Decentralised Cambodia
Document86 pages
Accountability and Public Expenditure Management in Decentralised Cambodia
Saravorn
100% (1)
RAR (Kaplan - Solutions Chapter 7)
Document39 pages
RAR (Kaplan - Solutions Chapter 7)
ridha azka r
No ratings yet
2020 Ghasc 25
Document29 pages
2020 Ghasc 25
Lala James
No ratings yet
Danone MT Star Booklet 2014
Document12 pages
Danone MT Star Booklet 2014
Anissa Nurul Badriyah
No ratings yet
Project Execution Plan Format
Document17 pages
Project Execution Plan Format
Hanan Shan
100% (8)
Case Analysis-YUM Power Point
Document9 pages
Case Analysis-YUM Power Point
Ksenia Prokopienko
No ratings yet
0021 Voters - List. Bay, Laguna - Brgy Bitin - Precint.0140a
Document5 pages
0021 Voters - List. Bay, Laguna - Brgy Bitin - Precint.0140a
Iwai Moto
No ratings yet
Student Leadership and Accountability
Document26 pages
Student Leadership and Accountability
Emme Rose Buhat
No ratings yet
Ethical and Sustainable Sourcing
Document30 pages
Ethical and Sustainable Sourcing
Ashok Sharma
No ratings yet
04 - Current and Emerging Quality Management Systems, Programs, and Initiatives - ISO
Document15 pages
04 - Current and Emerging Quality Management Systems, Programs, and Initiatives - ISO
Charlon Adrian Ruiz
No ratings yet
Suriname Preliminary Report 2020
Document13 pages
Suriname Preliminary Report 2020
Suriname Mirror
100% (1)
Laudon Ess7 ch12 PDF
Document20 pages
Laudon Ess7 ch12 PDF
atharv bisht
No ratings yet
Iso - Iec 20000
Document22 pages
Iso - Iec 20000
Vincenzo Ostoni
No ratings yet
Technical Report On Curricular Changes in BESRA by Frenchelle Nacar
Document21 pages
Technical Report On Curricular Changes in BESRA by Frenchelle Nacar
Darelle Q. Delos Santos
No ratings yet
2017 11 22 Philippines Legal Challenges To Election Technology 0
Document23 pages
2017 11 22 Philippines Legal Challenges To Election Technology 0
Cia ednaAbacahan
No ratings yet
HR Scorecard (1st)
Document22 pages
HR Scorecard (1st)
Abhishek Sharma
No ratings yet
Political Organization of Societies: 1. Overview
Document5 pages
Political Organization of Societies: 1. Overview
scribdeterriza
No ratings yet
Hansen Mowen Managerial Accounting Ed. 8
Document14 pages
Hansen Mowen Managerial Accounting Ed. 8
annisa
0% (1)
Project Management Questionnaire
Document3 pages
Project Management Questionnaire
Mzee Kodia
0% (1)
Module 1 - Topic 1 - Topic Notes - V2 PDF
Document18 pages
Module 1 - Topic 1 - Topic Notes - V2 PDF
H Châu
No ratings yet
Project Management Chapter-13
Document17 pages
Project Management Chapter-13
erarun22
No ratings yet
New Normal Manual
Document1,276 pages
New Normal Manual
GMA News Online
No ratings yet
Signature Withdrawal
Document1 page
Signature Withdrawal
Jermaine Freeman
No ratings yet
Electoral College
Document30 pages
Electoral College
Peped
100% (1)