A weekly newsletter and video series designed to help business leaders understand the role of personal information as a business asset, the regulations that govern its collection, storage and use and how businesses can better manage information to comply with those regulations and avoid the very real consequences that can come from breaching those regulations.
Throughout my career, I have spoken with many leaders who have said that, while they are very concerned about the risks that come from collecting, storing and using personal information, one of their key concerns is their lack of knowledge about how data is used and the process and procedures that should be in place. This knowledge gap prevents them from being able to make informed decisions about data management strategies.
This series is aimed at helping you develop the right knowledge and understanding to be able to better lead your organisations, and sharing a model for building a framework that you can use to improve your organisation’s management of personal information.
My name is Richard Harris. Throughout my career, now spanning over 25 years, I have helped clients make better use of personal information and have been required to ensure that information is managed effectively and by the laws that govern its use.
I am excited to share my knowledge and experience with you and hope you find this series to be of value.
Each week you will receive an email directly to your inbox containing
- An summary of the weeks topic
- A list of key terms and definitions
- Links to website for further reading
- A link to that week’s course video
Chapter 1 – Context
To get us started on this journey, we need to place the concepts we are going to discuss in context. The use of data has exploded to the point where it is clearly the most important asset for most organisations and those that fail to utilize data effectively struggle to compete with those that adopt best practices. In this chapter, we will discuss.
- Session 1: Industry 4.0 – how the use of data has defined a new industrial revolution.
- Session 2: How data is collected, managed and used
- Session 3: Personal & Sensitive Information
- Session 4: Ethical Considerations: Explore ethical implications in data usage, emphasizing the responsibility of organizations in handling personal information ethically and transparently.
- Session 5: Data Privacy Challenges: Discuss challenges associated with data privacy in the modern digital landscape, including emerging technologies, data breaches, and public concerns.
Chapter 2: Exploring Privacy Regulations
There are many regulations that govern the collection, management and use of personal information. However, they share many similarities. In this chapter, we will explore the principles that you should be aware of when reviewing how you manage personal information in order to reduce the risk of breaching these regulations.
- Session 11: General Data Protection Regulation
- Session 12: California Consumer Privacy Act
- Session 13: Other regulations
- Session 14: International Data Transfer: Address regulations related to international data transfers, especially in regions with stringent data transfer laws (e.g., EU to non-EU countries).
- Session 15: Sector-Specific Regulations: Explore industry-specific privacy regulations (e.g., healthcare, finance) and their impact on personal information management.
Chapter 3: Privacy Management Framework
The aim of this course is to empower you to make the decisions required to ensure your organisation complies with the regulations governing the use of personal information. To help give you an objective to work towards, we will explore a model that you can adopt for building an effective privacy compliance framework.
- Session 6: The Data Privacy Framework model
- Session 7: The requirements framework approach
- Session 8: Personal Information Data Governance
- Session 9: Policies and Procedures for managing personal information
- Session 10: Demonstrating your compliance
Chapter 4: Consumer Rights
In this Chapter we will take a deep dive into the rights of the consumer when it comes to their personal information and the processes you must ensure are in place to meet support those rights.
- Session 16: Right to know, access and correct
- Session 17: Right to control
- Session 18: Right to opt-out or be forgotten
- Session 19: Anonymity, restrict sale or share, online tracking
Chapter 5: Managing Personal Information
Managing personal information requires everyone in the organisation to actively participate. In this chapter, we will discuss the processes, systems and practices you should have in place to ensure you collect, store and use personal information in accordance with the regulations.
- Session 20: Data Governance Council
- Session 21: Privacy Impact Assessments (PIA): Introduce the concept of PIAs, emphasizing their role in identifying and mitigating privacy risks associated with new projects or processes.
- Session 22: Data Retention and Deletion: Discuss strategies for data retention periods and secure data deletion practices in compliance with regulations.
- Session 23: Data Catalogues, Data Classification and Data lineage
- Session 24: Data Policies and guidelines
- Session 25: Response planning
- Session 26: Pragmatic Security
Chapter 6: Policies, procedures and practices
Following on from the previous chapter, we will explore the ways in which you can instill a culture of data protection through the development of effective policies and training materials so that everyone in your organisation understands the requirements and how to meet them.
- Session 27: Data Flow mapping
- Session 28: Required Internal policies
- Session 29: Staff training & resources
- Session 30: Working with third parties.
- Session 31: Incident Response and Reporting: Cover incident response protocols, including reporting procedures for data breaches, ensuring prompt and effective responses.
- Session 32: Compliance Auditing: Discuss the importance of regular compliance audits to evaluate and improve existing privacy measures.
Chapter 7: Your Next Actions
In this final chapter, we will set out an action plan for you to follow to begin the process of improving how you manage and protect personal information so as to minimize the risk of your organization breaching regulations.
- Session 33: Privacy Review
- Session 34: Developing a program of work
- Session 35: Monitoring and Continuous Improvement: Emphasize the importance of ongoing monitoring, review, and continuous improvement of data privacy practices as regulations evolve.
- Session 36: Public Relations and Transparency: Highlight the significance of transparent communication with stakeholders and the public regarding data privacy efforts and compliance status.
Subscribe to Privacy Pulse
Click the subscribe button below to be redirected to our payment platform. Once complete, we will be in touch to welcome you to the program.