This web conference explores the concept of privacy by design, its significance and provides guidance on best practices for its successful implementation. Read More

Original broadcast date:14 March 2023 This web conference addresses how to determine and amplify the downstream return on investment of privacy initiatives, how to position automation as key to weathering the current economic environment, and techniques for creating and nurturing internal relationships that will champion your initiatives — and their budgets — to leadership Read More

Original broadcast date: 14 Feb. 2023 In this web conference you will learn, strategies on how privacy and security can create processes for pre-deployment insights from product and engineering teams, how to leverage privacy and security teams’ shared needs on third-party vendor reviews and record of processing activities and battle-tested tips on how to avoid getting ambushed for last-minute approval requests from the business. Read More

Original broadcast date: 11 May 2023 In this web conference, panelists will address how to collaborate with data owners across the organization to complete privacy and data protection impact assessments, how to mitigate privacy risk by operationalizing remediation efforts, how to map business processes and data flows for comprehensive privacy analysis and how to report on compliance status for effective regulatory adherence. Read More

This report, published by Tealium, surveyed over 1,200 professionals, and analyzes the value of a customer data platform. Read More

Original broadcast date: 21 March 2023 This web conference will discuss The IAPP- EY Annual Privacy Governance Report 2022. This research focused on five key foundational areas of governance. Read More

Original broadcast date: 27 Jan. 2023 This web conference addresses how the GDPR has influenced the new U.S. state privacy laws in California, Colorado, Connecticut, Utah and Virginia. Read More

This white paper provides insights on how privacy professionals responded to the Sephora enforcement action, and how they are updating their practices to account for the expansion of "sale." Read More

Original broadcast date: 15 Dec. 2022 This web conference will explain how you can leverage technology to unlock privacy benefits and keep up in today’s dynamic world. Specifically, this conference will look at navigating today’s privacy landscape: from it's ever-evolving global regulations, to earning trust with customers (whilst battling consent fatigue), to keeping up with industry shifts like transitioning to GA4. Read More

This web conference discusses how privacy teams can adapt to the organizations’ data lifecycle to achieve compliance. Read More

This web conference discusses how a single intelligent and dynamic data inventory will eliminate redundant manual processes, automatically detect applicable regulations and cross border transfers and provide out of the box regulator ready reporting. Read More

Original broadcast date: May 26, 2021  In this session, you’ll learn the essentials for operational success and actions for improvement across each stage of the incident response lifecycle. We also share key benchmark metrics and program key performance indicators that help you identify the maturity level of your program and ensure you are making data-driven decisions around process improvements. You will walk away with insights that will help you turn aspirational goals into a measurable plan.  Read More

Original broadcast date: 25 Oct. 2022 In this web conference, BigID Product Management Director Tomer Elias and Optiv Privacy and Governance Senior Manager Spencer Kindt, CIPP/E, discuss a new framework for data mapping toward standardization — where this becomes an umbrella term that charts how data is processed from A to Z. In this web conference you will learn what data mapping is along with current terminology and definitions, differences between data mapping and data discovery and more. Read More

Original broadcast date: 18 Oct. 2022 Too often, privacy and security teams work separately despite the truth: Many times, they’re working toward the same goals. For example: How many of us have realized duplicative paperwork and questionnaires during the third-party vendor vetting process? But if there’s early collaboration between privacy and security, the efficiencies gained can be game-changing. In this web conference, panelists discuss how organizations can gain privacy champions, learn strategies and tools for cross-functional collaboration and implement frameworks to collaborate efficiently. Read More

Original broadcast date: 30 Aug. 2022 In this web conference, panelists share common benchmarks and metrics for assessing your company’s data privacy policies, practices and program, how to track if your organization is following generally accepted privacy principles, how this all intersects with proposed changes from regulators via pending legislation and rulemaking in the American Data Privacy and Protection Act, the California Privacy Rights Act, the Terms-of-service Labeling, Design and Readability Act and more.  Read More

Original broadcast date: 24 Aug. 2022 In this web conference, panelists share best practices about how to measure the success of your privacy program. Panelists also emphasize which privacy metrics best demonstrate the value of your privacy program to your C-suite, highlight which privacy metrics tend to provide opportunities for improvement as well as which privacy metrics create unhelpful noise. Finally panelists also explore how to leverage privacy metrics to better incorporate Fair Information Practices into your day-to-day privacy reviews. Read More

In this Microsoft video series, their experts will provide comprehensive training and best practices for developing enterprise privacy solutions in a complex environment. Topics range from end-to-end privacy policy management and implementation to tactics for incident management and mitigation. These videos can help you gain the data protection knowledge you need to advance your career. expand_more Episode 1: Enterprise Privacy Management In the first episode of this series, Micr... Read More

Original broadcast date: 10 Aug. 2022 In this web conference, panelists discuss what your team should update to ensure compliance — drafting privacy documents without duplicating effort, how to plan for the future — what to expect as the ripple effect of data privacy regulations takes hold and how to identify steps to maximize trust while minimizing risk. Read More

The Hiscox Cyber Readiness Report provides an up-to-the-minute picture of the cyber readiness of businesses big and small, and offers a blueprint for best practice in the fight to counter an ever-evolving threat. Read More

Original broadcast date: 21 June 2022 In this web conference, panelists discuss how to identify personal information and critical privacy risks arising from data hoarding, overexposure and transfer, assess your privacy compliance against industry and Canadian regulatory bodies, such as the Personal Information Protection and Electronic Documents Act, automate risk mitigation and prevent privacy incidents, manage subject rights requests at scale and respond with confidence and more.  Read More

Original broadcast date: 10 May 2022 In this web conference, panelists discuss their experiences working within and for privacy offices and how having diversity in the privacy functions is an asset and risk mitigation.  Read More

This report, published by the Information Accountability Foundation, explores the meaning of “risk-based” in the context of privacy management. Read More

Original broadcast date: 29 March 2022 In this web conference you will learn how understanding and maintaining up-to-date data retention strategies is one of the numerous obstacles privacy professionals deal with and is often the blind spot in the privacy program especially with the varying laws across jurisdictions. You will also learn how organizations can integrate enforcement of policies like data retention, data minimization, access requests, etc., across the organization’s IT ecosystem. Read More

This guide, published by KPMG, offers insight into the future of the technology, media and telecommunications sector and the importance of privacy technology and data management in establishing trust among consumers. Read More

Original broadcast date: 3 February 2022 In this web conference, panelists discuss marketing and growth perspectives on privacy, how to collaborate and discuss privacy with marketing teams, and how to navigate complex advertising and marketing ecosystems. Viewers will get up to speed on techniques that build value while honoring values, and turn their privacy program into a growth engine that builds brand value, optimizes data utilization, and enhances the consumer experience. Read More

Original broadcast date: 26 January 2022 In this web conference WireWheel CPO, Rick Buck, leads a discussion with a consultant from Grant Thornton and an experienced CPO to learn, a framework for privacy assurance, lessons from creating and building privacy programs and tips on where to get started. Read More

Original broadcast date: 18 January 2022 In this web conference, you’ll learn how privacy teams can leverage technology to begin this shift by streamlining the ongoing understanding of the data being processed by the business and the laws and requirements that apply, enabling transparency with individuals and facilitating & respecting their choice in how their data can be used and making data use trusted by default by automatically enforcing these policies, principles & choices across the IT ecosystem. Read More

This updating report, published by Cisco, outlines five top security practices, sourced through an independent survey of over 5100 IT professionals across 27 countries. Read More

Original broadcast date: 15 September 2021 In this broadcast, FTI Technology's Information Governance, Privacy & Security experts discuss how to position your programs to stay out in front of state, federal and industry-specific privacy compliance obligations.  Read More

The Personal Data Protection Commission of Singapore published this guide to help organizations develop or improve their personal data protection policies and practices through the implementation of a data protection management program. Organizations may benchmark their existing personal data protection policies and practices against this guide. Read More

This article from Blancco discusses the exposure of highly personal data by improperly discarding IT assets, and how using software to erase the data permanently, among other possible solutions, could significantly lessen the risk of this occurring. Read More

Original broadcast date: 18 August 2021 There was a time when a competent privacy program could rely on nothing more advanced than documents, checklists, spreadsheets and emails. But that time has passed: the complexity of today’s privacy challenges necessitate smarter, faster, more scalable solutions--the old programs must become programmatic.  The privacy challenges posed by maintaining vast lakes of unruly personal data demand more than manual oversight. Add to that increased regulatory scrutiny and consumer expectation, and the problem looms large. In this presentation you will learn how software can ease your burden with greater data accuracy and integrity. Read More

Original broadcast date: 1 September 2021 This session shares practical steps to implementing Privacy by Design, also known as Data Protection by Design, for new products and services, venturing outside of the 7 principles that your backend engineers do not understand. It discusses what works and what does not at each different step; preparations, setup, roll-out, and review. Challenges and workarounds will be emphasized. Read More

Original broadcast date: 27 July 2021  What’s the real role of the privacy department in an incident? Turns out it’s a critical piece of the response puzzle. Through the difficult lessons of past incidents, organizations have learned forensic analysis is a team effort between the privacy and security departments. As it turns out, the services the privacy team provides to the resolution of the incident can extend beyond the singular event, and elevate the status and visibility of the privacy function and team within the broader organization. In this interactive, educational virtual session learn how you can start preparing to effectively handle a future incident, while also making clear the value of the privacy team's critical role within the business.  Read More

Original broadcast date: June 3, 2021  In this session, our panelists discussed the opportunities and challenges companies face navigating this transformation and shared insights on how they are building programs that are more resilient to change and better aligned with business needs. Read More

Original broadcast date: May 20, 2021  Next Generation Practice Leadership is more than operational compliance with applicable laws and industry codes of practice and the detection of bias and discrimination. It requires a team that looks beyond compliance and considers what is fair and respectful to people. This session provided insights and principles you can implement with your team. Read More

This web conference discusses how privacy KPIs can help you in business practice; for example, in negotiations about your budgets and HR resources. Read More

The ICO added a new section to its FOI toolkit that allows companies to self-assess their performances when having to refuse a request due to cost limits. The agency also published a series of tips for how to best handle inquiries. Read More

The U.K. Information Commissioner's Office developed a toolkit for organizations utilizing data analytics on personal data. As part of the ICO's artificial intelligence priority work, the toolkit offers key practices that will help organizations embed data protection from the outset when employing data analytics.  Click To View ... Read More

Original broadcast date: May 20, 2021  In this interactive privacy education web conference panelists looked at the key metrics and deliverables, dashboards, and reports that demonstrate the functionality and success of your organization’s privacy program.  Read More

Original broadcast date: March 18, 2021  Join privacy veteran Marty Collins from QuinStreet and Vivek Kokkengada from Securiti as they reveal the 7 Sins of Managing Data Privacy and how to avoid them. You'll learn best practices for discovering, protecting and governing data across multi-cloud environments, what pitfalls to avoid with regards to honoring consumer rights, managing risks for vendors handling sensitive data and strategies for efficiently implementing privacy by design. Read More

Original broadcast date: March 9, 2021  This session will identify challenges that contemporary privacy frameworks present for addressing intersectionality concerns, and suggestions for resolving those challenges. Panelists will discuss governance, consent/legal basis, and vendor management. They will also examine the role of employers, tensions between commitments to customers and employees, and how attempts to use data for good and justified purposes can be hindered by bias. Prepare to learn best practices and opportunities for addressing privacy concerns while advancing diversity, equity, inclusion and intersectionality as part of your business initiatives. Read More

Original broadcast date: March 2, 2021  Join this discussion between privacy specialists on this how global companies are managing and addressing a rapidly changing regulatory environment by putting into place a cross-organization, centralized privacy program based on a risk-based approach. Panelists will provide an overview of how they rely on a data-driven, centralized, flexible, risk-based framework to identify hidden risks, quantify their privacy “debt,” and use industry-specific benchmarking to measure privacy risk exposure. Read More

The Office of the Privacy Commissioner of Canada developed a privacy guide to help organizations adhere to the Personal Information Protection and Electronic Documents Act. The guide contains a summary of principals within PIPEDA organizations should follow, as well as the meaningful consent and privacy breach requirements they must meet. Read More

During summer 2020, 21 privacy leaders from industry, government and academia graciously shared their views on the impact of COVID-19 on privacy priorities, practices and programs. We captured their experiences, challenges and recommendations in this five-part series. Read More

The IAPP, in partnership with FairWarning, set out to identify characteristics and behaviors of privacy and data protection teams. Read More

This white paper maps U.S. National Institute of Standards and Technology Privacy Framework’s Core to the Body of Knowledge for a Certified Information Privacy Technologist. Read More

Original broadcast date: June 18, 2020 This privacy education web conference presents a model for thinking about building a privacy culture via a training and awareness program, and we will focus on the different actions and attitudes needed to succeed at building such a program. Read More

Original broadcast date: June 17, 2020 In this privacy education web conference, former U.S. Federal Magistrate Judge Ronald Hedges and practicing Privacy and Information Governance Attorney John Isaza will share their practical insights on privacy preparedness for audits and consumer requests. The web conference will cover the expectations an outside auditor or data protection authority might expect organizations to have in place when it comes to privacy compliance workflows, plus best practices for how to be ready in the event of a consumer’s right-to-be-forgotten request. Overarching these practices tips will be a discussion of the role of the organizational retention program as a centerpiece to compliance. Read More

Original broadcast date: May 12, 2020 Join us for this privacy education web conference that will breakdown the latest techniques for privacy pros to create strategic vendor risk management programs that meet their privacy goals. Read More

As companies, educational institutions, governments and other organizations shift to remote work environments during the COVID-19 pandemic, the need for technologies to facilitate engagement has exploded. In this checklist are key questions for privacy professionals to consider as they navigate this process. Read More

This new series for The Privacy Advisor by the team at Sentinel, a privacy consultancy and the company behind the privacy program management technology Ethos, will examine the rationale and benefits of building a culture of privacy in your organization by highlighting five organizational drivers that, in combination, can result in lasting change. Read More

To offer insight into the professional skill set needed to implement the NIST Privacy Framework, the International Association of Privacy Professionals’ Westin Research Center mapped the Privacy Framework’s Core to the Body of Knowledge for a Certified Information Privacy Manager. Read More

In Measuring Privacy Operations 2019, the IAPP and TrustArc offer privacy professionals around the globe a look at how their colleagues are implementing privacy requirements. This is the latest in a series of reports designed to help companies benchmark their own privacy practices against those of their partners and competitors. Read More

This tool from the Office of the Information & Privacy Commissioner for British Columbia helps organizations meet legal obligations and the expectations of clients and customers for the privacy and security of personal information. This self-assessment form will help organizations decide whether improvements are needed to better protect the personal information they collect to comply with the law. Click To View (PDF) ... Read More

The Future of Privacy Forum has created an infographic that shows: The complexities of how organizations collect and use data. The risks involved. How principled data stewardship supports the goals of innovation, growth, brand development and social responsibility. Click To View ... Read More

This guide from the Spanish data protection authority, the AEPD, introduces the concept of privacy by design, principles that go with it and design strategies for organizations to implement.  Click To View (PDF) ... Read More

Original broadcast date: Sept. 29, 2020 Join us for this privacy education web conference to hear from Microsoft security and compliance leaders on the latest strategies for mitigating top data protection challenges and how Microsoft solutions can help with those hurdles. Read More

Original broadcast date: Sept. 15, 2020 Have you ever talked to your IT teams and wondered, “Do they even understand what I am saying?” or, conversely, struggled to comprehend the mishmash of technological jargon and process hurdles IT teams throw up that impede your efforts at compliance? If you've been in these situations or want to improve communication with your IT teams, please join us for this live interactive virtual conversation in which we will share what it is like to “think like an engineer.” Dataguise's Christopher Glover and Microsoft's Chris Longman will discuss how to align these teams to effectively operationalize privacy programs. Read More

Original broadcast date: Aug. 18, 2020 Join us for this anonymized case study covering a large, multinational organization in a highly regulated environment and their project to implement EU General Data Protection Regulation–based privacy retention requirements in a large-scale IT environment with thousands of systems of all types, ages and characteristics. Read More

Original broadcast date: Aug. 6, 2020 In this privacy education web conference discussion, we’ll hear from several privacy program managers about their successes and challenges with building a data privacy culture with their organizations. You’ll learn what they tried, what worked, what didn’t and other real-world lessons from these experts as they sought to increase awareness of privacy best practices and encourage consistent data-protecting behavior. Read More

(July 2018) – Implementing a “positive-sum” approach, one of the seven principles of privacy by design, in which stakeholders share a single set of objectives driving the design, development and implementation of business initiatives or technologies, provides a strategic boost toward attaining effectiveness and sustainability. In this white paper get insight on the benefits of a positive-sum approach and operationalizing it in your organization. Read More

Employees are required to remember seemingly countless privacy regulations and policies, which requires privacy programs to monitor and reinforce positive behaviors all the time. Still, when a privacy incident is reported the privacy office, it’s easy to become dismayed at how the mistake could have possibly occurred. Many incidents occur even as employees believe they are doing the right thing, but are instead burdening the company with unnecessary risk. In this white paper, learn about the top mistakes employees make, absent proper awareness and training. Read More

In this white paper, learn about the essential elements of an organizational privacy training program. Read More

(October 2017) – This IAPP white paper by Enterprivacy Consulting Group's Jason Cronk attempts to contrast two approaches to privacy by design, the PIA-based PbD approach and the proactive — or strategic — PbD approach. Read More

Last Updated: August 2018 This series written for The Privacy Advisor by the team at Radar is about establishing program metrics and benchmarking your privacy incident management program. Radar provides purpose-built software designed to guide users through a consistent, defensible process for incident management and risk assessment. A significant volume of incidents involving regulated personal data is processed through the Radar platform, and that number grows every day. The Radar team will... Read More

This paper from the Electronic Frontier Foundation focuses on corporate third-party tracking — the collection of personal information by companies that users don’t intend to interact with. Specifically, it outlines the technical methods and business practices behind third-party tracking. Click To View ... Read More

Last Updated: May 2016 A successful privacy program is a complex undertaking. The privacy team needs to stay abreast of regulatory and statutory changes; watch for potential threats from both external and internal sources; assure compliance in existing or emerging business practices; respond to stakeholder inquiries; and provide privacy leadership to their organization to name just a few of their myriad responsibilities. With this many balls to keep in the air, how can you quickly explain the... Read More

Last Updated: June 2016 Increasingly, c-suite executives and board members have questions about their companies' cybersecurity practices — or lack thereof. This series provides high-level answers to some of those questions, specifically focusing on the development of cybersecurity policies, incident-response plans, liability of board members and executives for data breaches and the attorney-client privilege for cybersecurity investigations. Part 1: What is Cybersecurity? Part 2: Liabilities... Read More

Original broadcast date: June 22, 2015 Have you been charged with building a privacy program from scratch with few or no resources? If so, you’re not alone. But fear not; it can be done! Join us for this very practical presentation from two seasoned veterans and learn not only what you need to do to get started but also how to prioritize your checklist. You’ll hear about how to identify the people, processes and technologies you need to accomplish your goals when given a very limited budget to work with and what the most important first steps are in standing up your program. Read More

This four-part series by Chris Pahl, CIPM, CIPP/C, CIPP/E, CIPP/G, CIPP/US, CIPT, for The Privacy Advisor examining how to assess a program’s value, take inventory of what matters, use program metrics to show effectiveness and develop a strong communication plan. Read More

This series of Privacy Advisor articles by Deidre Rodriguez, CIPP/US, explores different aspects of privacy programs, why they're important and how to implement them in your organization. Read More

Last Updated: November 2015 In this four-part series, Stephen Bolinger, CIPP/E, CIPP/G, CIPP/US, CIPM, who spent years at tech giant Microsoft, shares some of the strategic and tactical decisions along the way as a first-time CPO, as well as some observations on the differences and similarities between privacy programs and roles at a large multinational versus a small tech start-up. Part 1: Identifying and triaging any clear gaps in compliance Part 2: Building privacy into the culture of yo... Read More

Published: August 4, 2014 Back in 2006, then IBM CPO Harriet Pearson, CIPP/US, said, "a good CPO must do more than just ensure that companies comply with the present-day law. They must also attempt to second-guess future innovation and design company security policies and procedures accordingly.” While the position of the CPO has most certainly changed in the past eight years, as has Pearson’s, this quote has stood the test of time as innovations in technology—and with that, data collection,... Read More