About the IAPP

ShanShan Pa, CIPP/E, CIPP/US, CIPM, FIP

Alibaba Cloud

Head of Compliance, Privacy, U.S., EMEA

ShanShan manages global privacy and compliance at Alibaba Cloud. She deals with the security and privacy compliance aspects of the cloud business. Prior to that, she worked in both, at internal and external compliance and audit functions in the areas of finance, pharmaceutical and technology. She has been active board members and supporter of multiple industry organization chapters such as the Cloud Security Alliance (CSA), the International Association of Privacy Professionals (IAPP), the Information Systems Audit and Control Association (ISACA) and a longtime volunteer for the SANS institution's security awareness program. She is an advocate for bridging privacy and security, and raising overall awareness.

Before joining the Publishing Advisory Board, ShanShan started as a Young Privacy Professional Leader, engaging local organizations and hosting educational network events to promote privacy in the community. She is also a Certified Information Systems Auditor (CISA) and a Certified Information Security Manager(CISM).

Contributions by ShanShan Pa

• Code of Conduct: A Practical, Cost-Effective Way to Demonstrate GDPR Compliance
  Speaker at IAPP Europe Data Protection Congress 2019
• Data Protection Impact Assessments: The Full Picture
  Speaker at IAPP Europe Data Protection Congress 2019
• Data Protection Impact Assessments: The Full Picture
  Speaker at Global Privacy Summit 2019
• Must-Have Privacy Training Features for Your Team
  Author
• How Privacy Tech Is Bought and Deployed
  Speaker at Privacy. Security. Risk. 2018
• Building and Managing an Effective Risk Assessment Program
  Speaker at Privacy. Security. Risk. 2018
• Acting and Reacting to Chinese Data Protection and Cybersecurity Reforms
  Speaker at IAPP Asia Privacy Forum 2018
• White Paper – Must-Have Privacy Training Features for Your Team
  
• What Keeps You Up at Night? CPOs Talk Business in China and China Going Global
  Speaker at Global Privacy Summit 2018
• On the European Commission's proposal for a regulation on the free flow of non-personal data
  The Privacy Advisor
• Researchers develop data portability recommendations for the cloud
  The Privacy Advisor
• Operationalising Privacy Tech—A Practitioner’s Perspective
  Speaker at IAPP Europe Data Protection Congress 2017
• GDPR matchup: Hong Kong’s Personal Data (Privacy) Ordinance
  Privacy Tracker
• Future of cloud-related opportunities discussed
  The Privacy Advisor
• Book Review: 'Privacy Law Fundamentals 2017'
  The Privacy Advisor
• Oversight body handed Code of Conduct for Cloud Service Providers
  The Privacy Advisor
• Speaker at Privacy. Security. Risk. 2018