Our thanks to those who attended and engaged with the polls and questions and answers.
Things we took away from the seminar were:

  • Privacy is like security, and health and safety, in that if your organisation isn't running a structured privacy programme it’s blind to the risks it’s taking, and running on luck.
  • A privacy programme can fall under the key pillars of: IDENTIFY, GOVERN, CONTROL, PROTECT and COMMUNICATE.
    • IDENTIFY: conduct data mapping to understand in depth the personal information your organisation is processing, collecting, using, sharing, and storing; understand your organisation's role in the data collection and processing ecosphere; and, identify your various privacy obligations.
    • GOVERN: have a senior person formally accountable for privacy, a specific privacy budget, a privacy officer with enough time to manage privacy proactively, implement privacy by design and ensure privacy is included in your corporate risk assessment and management.
    • CONTROL: have or put in place various privacy policies and processes. 
    • PROTECT: have a security programme to protect personal information
    • COMMUNICATE: communicate both internally and externally what your privacy practices are. 
  • Ready, set, go! If you’re just getting started on your privacy journey, ‘start’ with the IDENTIFY AND GOVERN functions, ‘get set’ with the CONTROL, PROTECT and COMMUNICATE functions, then ‘go’! 
  • Put SMART privacy metrics in place to monitor how you’re going. 

See the recording online at HERE.