Greetings from Portsmouth, New Hampshire!
I’m in sunny New Hampshire, USA, meeting with leadership here at the IAPP world headquarters as we engage in planning for 2017 and beyond. One thing I probably don’t speak about enough in these notes is the amazing staff the IAPP has assembled to help support all of you privacy professionals as you go about your daily work.
As the conduit for your voice here in Europe, I can tell you that I’ve been advocating strongly for more resources to help with the incredibly difficult tasks you have ahead of you in complying with the GDPR, self-certifying under the Privacy Shield, and even doing “simple” things like budgeting for the year ahead and coming up with your own priorities and goals. What will or should the DPO function look like in your organization? How do you get c-level executive buy in? What tools are on the marketplace to help you multiply and manage your resources? How should our training and certification products be adjusted as data protection and privacy matures in Europe as both a profession and a social construct?
As always, if you have thoughts on these matters, please make sure to pass them along to me so that I can filter and process those thoughts through the organization.
And, of course, there is the news of the day, with Privacy Shield now fully operational, and companies now fully engaged in understanding the self-certification process, and working through the many steps necessary to do it correctly.
It will be interesting to see how companies evaluate the risk of adopting Privacy Shield, given the comments of the Hamburg DPA, as detailed in the excellent story put together by our European contributor David Meyer below. Is all the work with it for what may be a year of operational benefit? If your company had to put a percentage on the likelihood of Privacy Shield existing in one, three or five years’ time, what would that number be? And how does that number factor into your entire organization’s strategic and operational decision-making?
Every organization is having to answer these questions for themselves, hedging bets with things like standard contractual clauses, which have their own risks associated with them.
As always, the IAPP is here to help you with these decisions and, again, please let me know if there are resources we could be providing. We won’t be able to do everything you ask, but we’ll start checking off the requests as fast as we can.
If you want to comment on this post, you need to login.