Training and Awareness in a Privacy program Another important chapter of the Privacy Program Management is the Training and Awareness program. According to my personal and professional experience, a privacy program will never be successful if the Privacy Manger doesn’t include at least one session of “Let’s talk about privacy“. But, what are we talking […]

Data Subject Rights – DSR This post is part of the long journey started with the descriptions of the tasks usually assigned to a Certified Information Privacy Manager. So, now it is time to talk about the Data Subject Rights (for short: DSR).   Data Subject Rights: What are they? First, in the GDPR, there […]

Privacy Policies What are they? Primarily, Privacy Policies are those statements drafted, emended and eventually approved by the Controller; i.e, the entity in charge of establishing the purpose for the personal data usage. Although the following formal definition is US-focused, I think it’s worth to click on this Wikipedia post to have a more precise idea […]

Data Privacy Assessment This time we need to focus our attention on the Data Privacy Assessment phase. So far, we’ve been talking about the process of having a solid privacy program. Accordingly, we have analyzed: The general concept of the privacy program management; The privacy governance; and The applicable privacy laws.   Data Assessment: what […]

Privacy Laws and Applicable Regulations: The Inventory Privacy Laws and Applicable Regulations: this is a big deal. Earlier, we talked about the importance of setting down a solid Privacy Governance program. If you missed the post, you can have a look at it clicking here. Now it is time to focus our attention to inventory […]