PIAs and Data Mapping – Operationalizing GDPR and Privacy by Design

Sponsored by OneTrust

Given the new and challenging requirements of the GDPR that will be enacted soon, companies and organizations doing business globally need to think hard about how to best implement efficient and effective data handling practices that are replicable and consistent. Beyond that, taking good care of your customers' data is simply a necessary business practice in a competitive world, and the right thing to do.

As a privacy professional responsible for overseeing these operations, what tools will you use, and how do you determine what privacy impacts your new products and services will have? A privacy impact assessment (PIA) is the perfect tool to document and track these new initiatives, but it can be a complicated and challenging project to launch. Join us in this virtual discussion as we walk you through the process of creating a PIA, and hear us tackle the critical questions including:

  • When and why a PIA is a necessary and useful tool
  • How PIAs evolve over time:
    • Face-to-face conversations
    • Informal documentation
    • Procedural questionnaire
    • Project and team specific questions
  • What templates should you use, or should you use a template at all?
  • What resources are at your disposal?
  • How to continue to benchmark and improve your PIA over time
  • Once you've completed a PIA, how do you share its value with upper management and others in the organization?

Andrew Clearwater, CIPP/US
, Director of Privacy, OneTrust

Caroline Olstedt Carlström, Vice President and Chief Counsel, Global Privacy, Klarna, Sweden
Michael Spadea, Director of Privacy, Promontory Financial Group

Original broadcast Date: August 24, 2016

Moderator: Eligible CPEs: CIPM, CIPT, CIPP/E, CIPP/US, CIPP/C and CIPP/G
1.0 CPE credit

Access Recording