2016 saw a host of new rules, regulations, guidelines, technology, and plenty of other reasons for privacy pros to hunt down tools and resources to help navigate the waters — particularly those of the north Atlantic. As you'll see in the rundown below, the main question on everyone's mind has been, and remains, how to handle the GDPR. Luckily, the IAPP, and notably the Westin Research Center, was ready with timely analysis and insight. Also in the mix are the new tools we launched with privacy vendors Nymity, OneTrust and TRUSTe.
Check out the full list of the Resource Center's MVPs below. You might find something helpful that you didn't know was there.
1. Top 10 operational impacts of the GDPR
The General Data Protection Regulation was finally agreed upon by the European Parliament and Council in December of 2015. It is set to replace the Data Protection Directive 95/46/ec in May 2018, and it contains lots of new protections for EU data subjects and penalties for non-compliant data controllers and processors. In this 10-part series, the IAPP Westin Research Center outlines specific provisions of the regulation.
2. IAPP-TRUSTe GDPR Readiness Tool
The IAPP and TRUSTe partnered up to provide an online tool to help companies assess their readiness to meet the requirements of the GDPR. The assessment is available via a special single-user version of TRUSTe Assessment Manager created for IAPP members and consists of more than 60 questions mapped to key requirements of the GDPR. The tool offers a gap analysis with recommendations to bring you closer to compliance.
3. Security Breach Response Plan Toolkit
This questionnaire created by Hogan Lovells and IBM as part of the IAPP's Pro Bono Privacy Initiative is intended to be used by an organization developing a personal information security breach response plan for data security breaches involving personal information. The results of the questionnaire will help organizations identify key information relevant to the creation of a security breach plan tailored to its particular needs and operations.
4. Tips for Removing Data from the Web
This toolkit created by Hogan Lovells and IBM as part of the IAPP's Pro Bono Privacy Initiative offers four categories of tips that individuals can use to help protect private and confidential information, web sites where you can find what information is known about you, and information on how to request the removal of information.
5. Nymity Structured Privacy Management
Nymity and the IAPP have teamed to provide a free set of tools that can help organizations better manage and report on their privacy programs based on structured privacy management. Recently lauded on the IAPP's Privacy List, the Nymity Privacy Management Workbook is an unlocked Microsoft Excel spreadsheet that can be used as is, or customized to meet a specific privacy officer’s needs. It's accompanied by the Getting Started Manual, which provides an operationalized approach to privacy management accountability and step-by-step instructions on how to use the workbook.
6. Colleges with Privacy Curricula
The IAPP is continuously building and updating a list of colleges with information privacy courses and programs. Separated by region and filterable by options such as distance learning, part-time, availability of externships and pre-requisites, the list includes a brief description of the available courses or program and a link to the school's website.
7. A Brief History of the General Data Protection Regulation
Ernst-Oliver Wilhelm, CIPM, CIPP/E, CIPT, chief privacy officer for GFT Technologies SE, created for the IAPP Resource Center this timeline of important milestones in the development of the EU General Data Protection Regulation, including links to official EU documentation.
8. 2015 IAPP Privacy Professionals Salary Survey
The 2015 Salary Survey represents data from 1,305 respondents across the globe, with the largest portion from the U.S., followed by Canada and Europe, and with additional responses from Latin America, Africa, the Middle East, Asia and Australia/New Zealand.
9. IAPP-OneTrust PIA Platform
The IAPP and OneTrust partnered to help organizations simplify their privacy impact assessments with an online privacy impact assessment tool. Included exclusively for IAPP members are ready-made HR, GDPR DPIA and DPIA Threshold Templates, plus U.S. government privacy threshold and PIA templates. Users have the ability to use these ready-made tools as is, customize them or build your own from scratch.
10. IAPP-EY Annual Privacy Governance Report 2016
In this second annual governance survey, the IAPP and EY surveyed more than 600 privacy professionals and received input about the role and title of the privacy professional within organizations, privacy budgets, operations, organizational structure, zones of influence and priorities. This year we also added questions about respondents' strategy to address cross-border data transfers and the GDPR. The report shows the signs of privacy’s maturation not only as a profession but also as an industry; the privacy tech sector is beginning to get traction, vendor management is improving and more than two-thirds reported privacy involvement in vendor selection and contracting.
Hopefully, the IAPP Resource Center helped make your job a little easier this year. Help us do more in the coming year, and let us know what kinds of resources you'd like to see. Comment below or email us here.
Want to see what else we have? Click here.
photo credit: NedraI Model T Wrench via photopin (license)
If you want to comment on this post, you need to login.