In the lead up to the EU General Data Protection Regulation, so much of the focus was on fines and regulatory audits. But the GDPR includes a number of public-facing requirements, including notice and transparency, cookie consent, data subject rights, and breach notification, to name a few. Thus, a good deal of enforcement is going to be realized in the form of data subject complaints and in addressing reputational risks caused by the PR nightmares that can often follow compliance failures. So what can privacy offices do in response? In this article for The Privacy Advisor, Andrew Clearwater, CIPP/US, and Brian Philbrook, CIPP/E, CIPP/US, CIPM, CIPT, FIP, have some suggestions.
Full Story
Comments
If you want to comment on this post, you need to login.