ResourceCenter

All the tools and information you need in one easy-to-find place

Privacy Program Operations

Resource Center / Topic Pages / Privacy Program Operations

Privacy Program Operations

TOPIC PAGE

Creating or further developing a privacy program is no simple thing. An effective and successful privacy program is built not just on knowledge of the relevant laws and how to comply with them, but also on proactive strategies, persuasion, political savvy, adaptability and a passion to get an exciting new organizational function up and running. This topic page offers tools, guidance and research to help you achieve your goal.

Featured Resources

Back to top

Privacy Governance Report 2024

This report builds on previous comprehensive efforts to shine a light on the location, performance and significance of privacy governance within organizations.

Organizational Digital Governance Report

This report provides analysis on the extent to which organizations currently or intend to structure their resources and decision-making to respond to digital governance, providing clarity on the complexity of the current digital policy environment.
Read More

Privacy Risk Study 2023

This report represents the most comprehensive study of privacy risk undertaken by the IAPP in collaboration with KPMG.

BOOK

Privacy Program Management

This is the official textbook for the Certified Information Privacy Manager (CIPM) program, providing critical knowledge for managing privacy program governance and operations.
Read More

Responsible AI Management

This report, published by The Ohio State University in collaboration with the IAPP, conveys the results of a study of responsible AI management practices at businesses that develop and use AI.
Read More

AI governance in a global compliance environment

This LinkedIn Live breaks down current AI governance implementation trends in the EU, U.S. and beyond.
Read More

Back to Top

Back to top

Additional News and Resources

The quiet revolution in workplace tech

Privacy and security: Better together

10 areas for US-based privacy programs to focus in 2025

Discovering the ROI of privacy automation

WEB CONFERENCE

Key considerations when setting up model data protection clauses

Getting bang for your buck: Spending your 2025 privacy budget wisely

WEB CONFERENCE

The shadow data market: Privacy risks lurking in forgotten information

How to implement effective privacy training

New tools aim to improve data activity monitoring, compliance efficiency

It’s time to secure user data in your identity system

At-a-Glance: Privacy Governance Report 2024

INFOGRAPHIC

Data deletion ‘Jeopardy’: Minimizing risk in a data-driven world

WEB CONFERENCE

Privacy pros: Why collaborate with sales and marketing and how to do it well

WEB CONFERENCE

Unlock privacy ROI: Why making cross-functional allies is key

WEB CONFERENCE

30 countries, 200+ domains, one end goal: Managing privacy compliance at scale

WEB CONFERENCE

Data governance approaches to mitigating AI risk

WEB CONFERENCE

Automated decision-making: Navigating your compliance obligations

WEB CONFERENCE

Why privacy is your secret weapon against third-party risk

WEB CONFERENCE

Why terms of service should be on your AI governance radar

Organizational Digital Responsibility in Practice

At-a-Glance: AI Governance in Practice Report 2024

INFOGRAPHIC

Future-proofing consent: Effective compliance in a changing landscape

WEB CONFERENCE

AI assessments: How and when to conduct them

Navigating the regulation jungle: Be compliant, work efficiently and stay sane

WEB CONFERENCE

So you want to adopt AI …

The cost of noncompliance: More than just fines

WEB CONFERENCE

ISO standard offers AI Management System template

Securing buy-in: Making the business case for data privacy

WEB CONFERENCE

Building the case: Get buy-in to minimize data across your organization

WEB CONFERENCE

Beyond setup: Key steps to continuous compliance in consent management

WEB CONFERENCE

Data minimization: An increasingly global concept

Building an AI governance and compliance program

WEB CONFERENCE

Bringing your AI policy to life: Operationalizing key strategies for governance

WEB CONFERENCE

Building a privacy layer for AI

Understanding marketing privacy: Overlooked aspects, key questions and practical audits

Mastering the art of AI governance to unlock generative AI innovation

WEB CONFERENCE

Universal consent: Building beyond cookie consent

WEB CONFERENCE

Auditing consent: Essential strategies for improving consent compliance in 2024

WEB CONFERENCE

Best practices for building and enforcing global retention schedules

WEB CONFERENCE

3 steps to elevating your third-party risk management process

WEB CONFERENCE

How to build a ROPA to fit business, privacy needs

Data Privacy Day: How privacy champions can build a privacy-centric culture

WEB CONFERENCE

Prioritizing privacy to bolster trust in innovation

WEB CONFERENCE

Taming the beast: 7 tips for privacy professionals to facilitate responses to DSARs, reduce risk and build trust

Foundations for an effective AI governance program

WEB CONFERENCE

Building a modern data protection technology stack

Implications of the AI executive order for business

RESOURCE ARTICLE

Five compliance best practices for a successful AI governance program

Evaluating the use of AI in privacy program operations

Privacy by design to evolve beyond compliance & enforce responsible use of data

WEB CONFERENCE

Rethinking the role of CPOs: Prioritizing operationalizing privacy controls over legal expertise

Building effective AI through collaboration

From overlooked to optimized: Revolutionizing data-retention practices

Managing privacy in the era of generative AI

WEB CONFERENCE

Privacy governance: A problem solved or an ongoing challenge?

The latest dimension of the global race for an AI governance framework

Managing downstream risks of ‘do not sell’ fulfillment

Launching an AI governance program? Start with your ‘why’

Getting companies to embrace a holistic data strategy (IAPP Global Privacy Summit 2023)

Weathering the storm: Building an effective privacy budget & proving ROI in 2023

WEB CONFERENCE

Leveraging privacy governance for the responsible use of AI

Five ways to build a bulletproof PBD program with your security partners

WEB CONFERENCE

Top issues to address when using automated employment decision-making tools

Unlawful data processing claims: An insurance perspective

The building blocks for managing privacy risks at Square Enix

WEB CONFERENCE

State of the Customer Data Platform

Shifting to first-party data: Privacy pitfalls around consent and transparency

Taking your EU GDPR program across the pond

WEB CONFERENCE

Privacy by Code: Filling the Gap in Your Privacy Programs

WEB CONFERENCE

The Alignment Problem with “Sale of Data”

WHITE PAPER

What Your Business Should Be Doing Now to Unlock Privacy Benefits

WEB CONFERENCE

Data Lifecycle: The Privacy Path Less Chosen

WEB CONFERENCE

Next Gen Privacy: Breathing life into your legacy inventory process

WEB CONFERENCE

How to future-proof your privacy program

WEB CONFERENCE

Redefining data mapping

Maximize your minimization and other takeaways from the FTC’s Drizly case

Automated Data Mapping That Charts the Course for Privacy and Beyond

WEB CONFERENCE

Consumers say trust depends on transparency

Three Ways Privacy and Security Can Crush Third-Party Reviews – as Friends

WEB CONFERENCE

Perfecting Privacy Practices

WEB CONFERENCE

Privacy Metrics to Uplevel Your Privacy Program

WEB CONFERENCE

Privacy with Microsoft Video Series

VIDEO SERIES

Consumer Perspectives on Data Privacy and Implications for Business Growth

WEB CONFERENCE

Privacy: An organization’s responsibility for building trustworthy systems

Hiscox Cyber Readiness Report

Managing Privacy Risk and Safeguarding Personal Information

WEB CONFERENCE

Running a privacy law-compliant inclusion and diversity data collection program globally

The Importance of Diversity in the Privacy Office: A U.S. Perspective

WEB CONFERENCE

Assessing risk: Determining the appropriate risk flags for your privacy risk assessments

Risk of What? Setting Risk Priorities for Data Protection and Privacy

Data Retention: The Blind Spot in Your Privacy Program

WEB CONFERENCE

Managing an explosion of customer data

Marketing and Consumer Experience Perspectives to Enhance Your Privacy Program

WEB CONFERENCE

Ransomware: 5 critical tips for organizations

How To Build An Effective Privacy Engineering Team

2023 here we come: How to prepare your privacy program

Practical Tips for Building Your Privacy Operations

WEB CONFERENCE

The Privacy Evolution: Enabling Trusted Data Use

WEB CONFERENCE

Cisco – Security Outcomes Study

Measuring global diversity and inclusion: The art of the possible

Establishing Repeatable and Scalable Privacy Programs

WEB CONFERENCE

Data privacy requests metrics: Lessons for your privacy program

PDPC – Guide to Developing a Data Protection Management Program

The Risk of ‘Dumpster Data’ Exposure and How to Prevent It

From Programs to Programmatic: New Mindsets & Methods for Privacy Challenges

WEB CONFERENCE

A Practitioner Approach to Implementing Data Protection & Privacy by Design

WEB CONFERENCE

Why Privacy Departments Hold the Key to Incident Response

WEB CONFERENCE

What are the driving forces of a company’s privacy strategy in a constantly changing landscape?

Rethinking notice and consent — A chat with Jen King

PODCAST EPISODE

Building a Resilient Privacy Program and Operation

WEB CONFERENCE

Building a Next Generation Practice Leadership

WEB CONFERENCE

Privacy Metrics: Measuring Privacy Programs

WEB CONFERENCE

Privacy KPIs: Showing the Business Your Privacy Management is Effective

WEB CONFERENCE

The 7 Sins of Managing Data Privacy

WEB CONFERENCE

D&I and Your Privacy Program: A Discussion on Intersectionality

WEB CONFERENCE

A 360-Degree View of Enterprise-wide Privacy Risk

WEB CONFERENCE

ICO: Top tips for dealing with information access requests

ICO — Toolkit for organizations considering using data analytics

TOOL

Effective management of cannabis consumer data risk

Privacy fatigue and how to combat it

OPC – Privacy Guide for Businesses

Privacy Leaders’ Views – The Impact of COVID-19 on Privacy Priorities, Practices and Programs

WHITE PAPER

Benefits, Attributes and Habits of Mature Privacy and Data Protection Programs

The Skill Set Technologists Need to Implement a Privacy Risk Management Framework

WHITE PAPER

From Microsoft’s CPO to Airbnb’s, his goals are the same

Building a Privacy Culture in Our Conflicted Age

WEB CONFERENCE

Practical Primer on Privacy Preparedness

WEB CONFERENCE

How to operationalize privacy by design

Embedding data ethics into your ‘culture of privacy’

Strategic Vendor Risk Management for Privacy Pros

WEB CONFERENCE

How to leverage your existing privacy program to manage brand reputation risks

Checklist: Expedited Vendor Privacy and Security Assessment

How to Build a Culture of Privacy

ARTICLE SERIES

Building a culture of privacy: Legal compliance as a result, not a goal

Measuring Privacy Operations

Why Batman shouldn’t write your privacy notice

The Information Protection Blueprint: Ideas for Modern IT Security and Compliance

WEB CONFERENCE

Privacy Compliance Meets IT

WEB CONFERENCE

3 benefits for businesses to adopt PDS

Beyond a compliance mindset: How we communicate about privacy impacts our influence

Building a culture of privacy: Privacy as a strategic initiative

Study finds 93% of US citizens would switch to privacy-conscious organizations

Privacy Program Remediation to Incorporate Legacy Systems

WEB CONFERENCE

Building a Privacy Culture: A Conversation with Privacy Program Managers

WEB CONFERENCE

Setting data retention timelines

How to make responsibly sourced data the rule, not the exception

Building a culture of privacy: Be customer-centric

Program aims to help organizations design better privacy notices

A Guide to Privacy by Design

Deep Dive into the technology of corporate surveillance

Building a long-lasting privacy program in an ever-changing regulatory landscape

Personal Data and the Organization: Stewardship and Strategy

INFOGRAPHIC

Tool helps map out relevant privacy laws for organizations

Privacy Management Program Self-Assessment

TOOL

How do organizations demonstrate a positive privacy impact?

How to draft a GDPR-compliant retention policy

How to drive effective privacy operations with functional requirements

Applying the Positive-Sum Principle for Successful Privacy by Design Outcomes

WHITE PAPER

They Did What? Top Privacy Mistakes To Watch Out For (and How To Avoid Them)

WHITE PAPER

Must-Have Privacy Training Features for Your Team

WHITE PAPER

Under Armour takes ‘honorable mention’ for building innovative privacy program

UX solution allows companies to create streamlined privacy notices

Check or Mate? Strategic Privacy by Design

WHITE PAPER

Benchmarking your Privacy Incident Management Program

ARTICLE SERIES

A lean approach to compliance: Minimum viable privacy program

Building a Privacy Program from Ground Zero

WEB CONFERENCE

Building a program? Better get your internal audit game right

Building a Program that Provides Value

ARTICLE SERIES

For a Successful Privacy Program, Use these Three A’s

ARTICLE SERIES

Starting Up Privacy at a Startup

ARTICLE SERIES

How the C-Suite Should Talk About Cybersecurity

ARTICLE SERIES

On Building Consumer-Friendly Privacy Notices for the IoT

Need To Write a Solid Privacy Notice? A Few Tips

Chief Privacy Officer: Sample Job Description

TOOL

Ten Steps to a Quality Privacy Program

ARTICLE SERIES

Best practices in drafting plain-language and layered privacy policies

Five considerations before publicizing privacy policy updates

Back to top

Back to Top

Back to top