Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.

Privacy Program Operations
 

Resource Center / Topic Pages / Privacy Program Operations

Image

Privacy Program Operations

TOPIC PAGE

Navigate Page

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources covering privacy program operations.

  • expand_more

    Related content

    Privacy Program Management

    This IAPP textbook for the Certified Information Privacy Manager (CIPM) program provides critical knowledge for managing privacy program governance and operations.
    View here

    Strategic Privacy by Design
    This IAPP textbook contains a methodology for building privacy into a product, service, or business process.
    View here

Back to top

News Articles

Privacy Program Operations

View all News Articles

How to train AI lawfully?

NEWS ARTICLE

Where should privacy sit within an organization? Legal or compliance is best

NEWS ARTICLE

Behind Ontario’s IPC newly updated deidentification guidelines

NEWS ARTICLE

ISO updates standard on managing privacy compliance programs

NEWS ARTICLE

A view from DC: Don’t mess up your employee privacy notice

NEWS ARTICLE

With SB 53, California puts AI disclosure requirements on the map

NEWS ARTICLE

How AI is compelling a rethink on organizational cybersecurity strategies

NEWS ARTICLE

A view from Brussels: The balancing act of simplifying the EU digital rulebook

NEWS ARTICLE

Post-quantum trust architectures: Future-proofing privacy, provenance, and verifiability

NEWS ARTICLE

A case study in China privacy operations: The Dior wake-up call

NEWS ARTICLE

Responsible AI governance shouldn’t start — much less end — at legal compliance

NEWS ARTICLE

Vietnam’s draft digital transformation law proposes ‘far-reaching’ paradigm for digital platforms

NEWS ARTICLE

Beyond job displacement: Operational fragility is the real AI risk

NEWS ARTICLE

A case study in privacy operations: The Maryland SPI rule

NEWS ARTICLE

What the proposed Anthropic copyright settlement could mean for AI data deletion policies

NEWS ARTICLE

Implementing a DPA program: A perspective from Botswana

NEWS ARTICLE

CJEU clarifies personal data definition in context of pseudonymization

NEWS ARTICLE

The reality of privacy work

NEWS ARTICLE

Model drift, data leaks and deepfakes: Rethinking AI governance in the age of autonomous risk

NEWS ARTICLE

The rise of AI in cybersecurity: Finding the right balance between security and privacy

NEWS ARTICLE

Luminos.AI, ZwillGen partner on AI law platform to help scale common governance practices

NEWS ARTICLE

Privacy engineering for AI machine learning: Addressing algorithmic disgorgement risks during product development

NEWS ARTICLE

Why the increase in business representatives in the EU?

NEWS ARTICLE

Achieving privacy excellence: Understanding the privacy maturity model

NEWS ARTICLE

A view from Brussels: Addressing data retention discrepancies

NEWS ARTICLE

The next chapter for ROPAs

NEWS ARTICLE

Navigate 2025: How individuals’ feelings inform AI governance practices

NEWS ARTICLE

There’s no opting-out of universal opt-outs

NEWS ARTICLE

Rebuilding digital trust: How blockchain is making privacy a default

NEWS ARTICLE

What Brazil’s ANPD expects from companies using generative AI

NEWS ARTICLE

From compliance cost to competitive edge: How privacy leaders can command the executive table

NEWS ARTICLE

Key takeaways from Ireland’s DPC annual report

NEWS ARTICLE

Meta’s risk assessment updates look toward ‘holistic’ approach

NEWS ARTICLE

Japan passes innovation-focused AI governance bill

NEWS ARTICLE

Right-sizing AI governance: Starting the conversation for SMEs

NEWS ARTICLE

Insights from the ANPD’s new technical note on automated decisions

NEWS ARTICLE

Home sweet home or location, location, location: The best place for your company’s privacy office

NEWS ARTICLE

Mirror, mirror: Navigating privacy and AI compliance with digital clones

NEWS ARTICLE

Cloud-based test automation: Managing data privacy risks in regulatory technology environments

NEWS ARTICLE

The EU AI Act and copyrights compliance

NEWS ARTICLE

Privacy review: How to develop an internal data analytics program

NEWS ARTICLE

Artificial illusion: Global governance challenges of deepfake technology

NEWS ARTICLE

Handsets, headsets and hyperscreens: Emerging ideas for immersive experiences and the importance of governance by design

NEWS ARTICLE

The myth of anonymization: Why AI needs a new privacy paradigm

NEWS ARTICLE

The FTC and the future of third-party due diligence

NEWS ARTICLE

Operational impacts of the EDPB’s opinion on data protection in AI models

NEWS ARTICLE

Why privacy should be the marketing industry nonnegotiable in 2025

NEWS ARTICLE

The quiet revolution in workplace tech

NEWS ARTICLE

The AEPD’s approach to AI: Smarter models, better compliance

NEWS ARTICLE

First case on PIPL’s extraterritorial scope highlights key compliance priorities

NEWS ARTICLE

Foundational considerations in mitigating AI data risk

NEWS ARTICLE

Will AI replace me?

NEWS ARTICLE

The EU Digital Services Act: Ready to meet reporting obligations?

NEWS ARTICLE

Beyond compliance: The case for adaptive AI governance

NEWS ARTICLE

Maturing the AI Literacy Program

NEWS ARTICLE

Privacy and security: Better together

NEWS ARTICLE

Preparing for compliance: Key differences between EU, Chinese AI regulations

NEWS ARTICLE

Key considerations when setting up model data protection clauses

NEWS ARTICLE

Designing an AI literacy program

NEWS ARTICLE

The shadow data market: Privacy risks lurking in forgotten information

NEWS ARTICLE

How to implement effective privacy training

NEWS ARTICLE

Understanding AI literacy

NEWS ARTICLE

10 areas for US-based privacy programs to focus in 2025

NEWS ARTICLE

View More

Back to top

Research Articles and Reports

Privacy Program Operations

View all Research Articles and Reports

Whose risk is it anyway? How positions and perspectives inform digital risks

RESEARCH ARTICLE

Risk analysis is the foundation of data security, but regulator approaches differ

RESEARCH ARTICLE

Salary and Jobs Report 2025-26

REPORT

AI governance in the agentic era

RESOURCE ARTICLE

The ethical use of AI in advertising

RESEARCH ARTICLE

Compliance technology adoption: Navigating and overcoming challenges

RESEARCH ARTICLE

AI Governance Profession Report 2025

REPORT

US Data Privacy Litigation: Litigating accountability through shareholder action

RESOURCE ARTICLE

Benchmarking salary for digital responsibility

RESEARCH ARTICLE

US Data Privacy Litigation: Security breach litigation

RESOURCE ARTICLE

Top 10 operational impacts of the EU AI Act

ARTICLE SERIES

Privacy Governance Report 2024

REPORT

Top 10 operational impacts of India’s DPDPA

ARTICLE SERIES

Top 10 operational impacts of India’s DPDPA – Consent management

RESOURCE ARTICLE

Responsible AI Management Report

REPORT

Amending Australia’s Privacy Act: Small businesses, bigger responsibilities

RESEARCH ARTICLE

Professionalizing Organizational AI Governance Report

REPORT

Implications of the AI executive order for business

RESOURCE ARTICLE

Top 10 operational impacts of India’s DPDPA – Obligations of data processing entities

RESOURCE ARTICLE

Privacy governance: A problem solved or an ongoing challenge?

RESEARCH ARTICLE

Privacy Risk Study 2023

REPORT

A trans-Atlantic comparison of a real struggle: Anonymized, deidentified or aggregated?

RESEARCH ARTICLE

Privacy and AI Governance Report

REPORT

The alignment problem with sale of data

WHITE PAPER

Maximize your minimization and other takeaways from the FTC’s Drizly case

RESEARCH ARTICLE

Top 5 Operational Impacts of China’s PIPL

ARTICLE SERIES

Privacy in M&A Transactions Playbook

REPORT

Privacy as a competitive differentiator: Building an effective and strategic healthcare privacy program

WHITE PAPER

Vaccine credential systems: Considerations for US employers

RESEARCH ARTICLE

Ransomware, data protection and compliance

RESEARCH ARTICLE

Top 10 operational impacts of the CPRA

ARTICLE SERIES

Privacy in the Wake of COVID-19

REPORT

Privacy Leaders’ Views – The Impact of COVID-19 on Privacy Priorities, Practices and Programs

WHITE PAPER

Top 5 operational impacts of Brazil’s LGPD

ARTICLE SERIES

Benefits, Attributes and Habits of Mature Privacy and Data Protection Programs

REPORT

State of Data Rights Report

REPORT

The Skill Set Technologists Need to Implement a Privacy Risk Management Framework

WHITE PAPER

How to Build a Culture of Privacy

ARTICLE SERIES

Measuring Privacy Operations Report

REPORT

How Privacy Tech Is Bought and Deployed Report

REPORT

CCPA offers minimal advantages for deidentification, pseudonymization, and aggregation

RESEARCH ARTICLE

Top 5 Operational Impacts of the CCPA

ARTICLE SERIES

Applying the Positive-Sum Principle for Successful Privacy by Design Outcomes

WHITE PAPER

Six Ways Privacy Awareness Training Will Transform Your Staff

WHITE PAPER

Must-Have Privacy Training Features for Your Team

WHITE PAPER

Privacy and Data Security is for Everyone

WHITE PAPER

They Did What? Top Privacy Mistakes To Watch Out For (and How To Avoid Them)

WHITE PAPER

DPO Outsourcing Series

ARTICLE SERIES

Top 10 operational responses to the GDPR

ARTICLE SERIES

How Privacy Awareness Builds Trust

WHITE PAPER

GDPR Compliance Report

REPORT

Monetizing Personal Information Series

ARTICLE SERIES

Check or Mate? Strategic Privacy by Design

WHITE PAPER

Benchmarking your Privacy Incident Management Program

ARTICLE SERIES

GDPR Matchup Series

ARTICLE SERIES

Shopping Smart for Cyberinsurance Series

ARTICLE SERIES

Assessing Mobile App Data Privacy Risk

WHITE PAPER

Incident Response Series

ARTICLE SERIES

Getting to the ROI of Privacy

WHITE PAPER

Ransomware Epidemic Series

ARTICLE SERIES

Building a Program that Provides Value

ARTICLE SERIES

Key Attributes of a Successful Privacy Program

ARTICLE SERIES

How the C-Suite Should Talk About Cybersecurity

ARTICLE SERIES

Starting up privacy at a start-up

ARTICLE SERIES

How IT and Infosec Value Privacy Report

REPORT

The Top 10 Operational Impacts of the GDPR

REPORT

Monitoring Your Privacy Program Series

ARTICLE SERIES

Third-Party Vendor Management Means Managing Your Own Risk

ARTICLE SERIES

Top 45 Security and Privacy Blind Spots

WHITE PAPER

Privacy, Security and Practical Considerations for Developing or Enhancing a BYOD Program

WHITE PAPER

Managing Your Data Breach

WHITE PAPER

Ten Steps to a Quality Privacy Program

ARTICLE SERIES

Privacy Policies: How To Communicate Effectively with Consumers

WHITE PAPER

View More

Back to top

Tools and Trackers

Privacy Program Operations

View all Tools and Trackers

Data Security Program Cheat Sheet

INFOGRAPHIC

IAPP Key Dates 2025

TOOL

Mapping and Understanding the AI Governance Ecosystem

CHART

Digital Governance in Europe: A Stakeholder Map of European Institutions and Regulators

TOOL

At-a-Glance: Privacy Governance Report 2024

INFOGRAPHIC

10 Tips for Global Compliance with Privacy and Data Protection Laws

INFOGRAPHIC

EU AI Act: The web of regulatory intersections

INFOGRAPHIC

The Intersection of Privacy and AI Governance

CHART

At-a-Glance: Privacy Risk Study 2023

INFOGRAPHIC

Show me the privacy money – Budget and Staffing

INFOGRAPHIC

Expedited Vendor Privacy and Security Assessment Checklist

TOOL

Consumer Privacy Notice Template

TOOL

Sample Data Processing Agreement

TOOL

Sample Job Description of the Chief Privacy Officer

TOOL

View More

Back to top

Podcasts, Videos, Web Conferences

Privacy Program Operations

View all: Podcasts, Videos, Web Conferences

EU digital law and policy: Making sense of the matrix

VIDEO

Data foundations for AI success: How governance powers privacy and compliance

WEB CONFERENCE

AI governance in the agentic era

WEB CONFERENCE

Data domino effect: How one missed data point can threaten your privacy program

WEB CONFERENCE

The EU AI Act is here: Are global organizations ready?

WEB CONFERENCE

Anticipating and preparing for changes in AI policy

WEB CONFERENCE

New EU Mandate: What it means for your digital governance program (Part 2)

VIDEO

UK Data Act: Key provisions and next steps for implementation

VIDEO

Agentic AI: Navigating the tension between privacy and the next generation of AI

WEB CONFERENCE

Data governance and metaverse technologies

VIDEO

New EU Mandate: What it means for your digital governance program

VIDEO

Privacy for risk management: Bridge the business, technology and compliance gaps

WEB CONFERENCE

Meta’s risk evolution: Automating privacy reviews for integrated digital governance

VIDEO

The impact of AI on companies of all sizes

VIDEO

The real-world work and right-now experience around AI governance in matters related to children

VIDEO

The strategic privacy pro: How to be a partner, not a blocker

WEB CONFERENCE

The privacy gym: Get your data in shape!

WEB CONFERENCE

The reluctant privacy pro: Shortcuts and tips for marketing, security, IT & more

WEB CONFERENCE

A discussion with NYC CPO Michael Fitzpatrick

PODCAST EPISODE

A blueprint for efficient SRRs: Mastering your subject rights workflow

WEB CONFERENCE

Sleeping giant of privacy, security and e-discovery data deletion

WEB CONFERENCE

Discovering the ROI of privacy automation

WEB CONFERENCE

Getting bang for your buck: Spending your 2025 privacy budget wisely

WEB CONFERENCE

Data deletion ‘Jeopardy’: Minimizing risk in a data-driven world

WEB CONFERENCE

Privacy pros: Why collaborate with sales and marketing and how to do it well

WEB CONFERENCE

AI red teaming strategy and risk assessments: A conversation with Brenda Leong

PODCAST EPISODE

Unlock privacy ROI: Why making cross-functional allies is key

WEB CONFERENCE

30 countries, 200+ domains, one end goal: Managing privacy compliance at scale

WEB CONFERENCE

Data governance approaches to mitigating AI risk

WEB CONFERENCE

Automated decision-making: Navigating your compliance obligations

WEB CONFERENCE

Why privacy is your secret weapon against third-party risk

WEB CONFERENCE

Organizational Digital Responsibility in Practice

VIDEO

Implementing AI governance in a global compliance environment

VIDEO

Future-proofing consent: Effective compliance in a changing landscape

WEB CONFERENCE

Navigating the regulation jungle: Be compliant, work efficiently and stay sane

WEB CONFERENCE

The cost of noncompliance: More than just fines

WEB CONFERENCE

Securing buy-in: Making the business case for data privacy

WEB CONFERENCE

Building the case: Get buy-in to minimize data across your organization

WEB CONFERENCE

Beyond setup: Key steps to continuous compliance in consent management

WEB CONFERENCE

Building an AI governance and compliance program

WEB CONFERENCE

Bringing your AI policy to life: Operationalizing key strategies for governance

WEB CONFERENCE

Universal consent: Building beyond cookie consent

WEB CONFERENCE

Auditing consent: Essential strategies for improving consent compliance in 2024

WEB CONFERENCE

Best practices for building and enforcing global retention schedules

WEB CONFERENCE

3 steps to elevating your third-party risk management process

WEB CONFERENCE

Mastering the art of AI governance to unlock generative AI innovation

WEB CONFERENCE

Data Privacy Day: How privacy champions can build a privacy-centric culture

WEB CONFERENCE

Prioritizing privacy to bolster trust in innovation

WEB CONFERENCE

Foundations for an effective AI governance program

WEB CONFERENCE

Privacy by design to evolve beyond compliance & enforce responsible use of data

WEB CONFERENCE

Managing privacy in the era of generative AI

WEB CONFERENCE

The building blocks for managing privacy risks at Square Enix

WEB CONFERENCE

Getting companies to embrace a holistic data strategy

VIDEO

Changing Privacy and Stakeholder Management for a Cloud-First World

WEB CONFERENCE

Weathering the storm: Building an effective privacy budget & proving ROI in 2023

WEB CONFERENCE

State AGs and Privacy in 2023: What Your Business Needs to Know

WEB CONFERENCE

Leveraging privacy governance for the responsible use of AI

VIDEO

Five ways to build a bulletproof PBD program with your security partners

WEB CONFERENCE

Taking your EU GDPR program across the pond

WEB CONFERENCE

Privacy by Code: Filling the Gap in Your Privacy Programs

WEB CONFERENCE

What Your Business Should Be Doing Now to Unlock Privacy Benefits

WEB CONFERENCE

Data Lifecycle: The Privacy Path Less Chosen

WEB CONFERENCE

Next Gen Privacy: Breathing life into your legacy inventory process

WEB CONFERENCE

How to future-proof your privacy program

WEB CONFERENCE

Automated Data Mapping That Charts the Course for Privacy and Beyond

WEB CONFERENCE

Three Ways Privacy and Security Can Crush Third-Party Reviews – as Friends

WEB CONFERENCE

Perfecting Privacy Practices

WEB CONFERENCE

Privacy Metrics to Uplevel Your Privacy Program

WEB CONFERENCE

Consumer Perspectives on Data Privacy and Implications for Business Growth

WEB CONFERENCE

Managing Privacy Risk and Safeguarding Personal Information

WEB CONFERENCE

The Importance of Diversity in the Privacy Office: A U.S. Perspective

WEB CONFERENCE

Data Retention: The Blind Spot in Your Privacy Program

WEB CONFERENCE

How To Build An Effective Privacy Engineering Team

VIDEO

Marketing and Consumer Experience Perspectives to Enhance Your Privacy Program

WEB CONFERENCE

Practical Tips for Building Your Privacy Operations

WEB CONFERENCE

Establishing Repeatable and Scalable Privacy Programs

WEB CONFERENCE

A Practitioner Approach to Implementing Data Protection & Privacy by Design

WEB CONFERENCE

From Programs to Programmatic: New Mindsets & Methods for Privacy Challenges

WEB CONFERENCE

Why Privacy Departments Hold the Key to Incident Response

WEB CONFERENCE

Rethinking notice and consent: A chat with Jen King

PODCAST EPISODE

Building a Resilient Privacy Program and Operation

WEB CONFERENCE

Building a Next Generation Practice Leadership

WEB CONFERENCE

Privacy Metrics: Measuring Privacy Programs

WEB CONFERENCE

Privacy KPIs: Showing the Business Your Privacy Management is Effective

WEB CONFERENCE

The 7 Sins of Managing Data Privacy

WEB CONFERENCE

D&I and Your Privacy Program: A Discussion on Intersectionality

WEB CONFERENCE

A 360-Degree View of Enterprise-wide Privacy Risk

WEB CONFERENCE

Privacy Compliance Meets IT

WEB CONFERENCE

Privacy Program Remediation to Incorporate Legacy Systems

WEB CONFERENCE

Building a Privacy Culture: A Conversation with Privacy Program Managers

WEB CONFERENCE

Building a Privacy Culture in Our Conflicted Age

WEB CONFERENCE

Practical Primer on Privacy Preparedness

WEB CONFERENCE

Strategic Vendor Risk Management for Privacy Pros

WEB CONFERENCE

Building a Privacy Program from Ground Zero

WEB CONFERENCE

View More

Back to top

Back to Top

Back to top