Address CCPA Compliance Requirements While Building a Global Privacy Program presented at GlobalPrivacySummit 2019

by Jennifer Hargrove, Mark Sward, Teresa Troester-falk,

Summary : Most organisations approach privacy and data protection legal requirements as a project to complete. For example, for some, the GDPR was viewed as a project, with deliverables and budget tied to an end date of May 25, 2018. In reality, that was the start date in which organisations must now be able to demonstrate an ongoing capacity to comply. Since the GDPR, the data protection community is shaping up to deal with the next set of challenges: the California Consumer Privacy Act (CCPA), Brazil’s LGPD and many more. Before the GDPR, there were already hundreds of privacy and data protection laws and regulations, and there will continue to be many more new privacy laws in the months and years to come. Privacy legislation will always be subject to change, no matter where an organisation is located and in how many countries it operates. In this session, we will focus on why an accountability approach is the most pragmatic, scalable and proven method for supporting compliance with multiple laws. We will discuss how an accountability approach to multi-jurisdictional compliance works in both theory and practice.What you’ll take away:Identify existing policies, procedures and other accountability mechanisms that are already providing rules and guidelines for processing personal data in your organisationLeverage existing privacy law initiatives and project workstreams into sustainable business processes by finding a home for those workstreams in a privacy management accountability frameworkLearn how to effectively report on key compliance requirements so that you are regulator-ready