Ethics and compliance programs have more data available to them than ever before. Capturing data on program activity and impact can be a powerful tool to assess whether your ethics and compliance program works in practice. Many companies also find value in benchmarking their programs against industry norms and in response to risks. That said, data’s nascency in the ethics and compliance space means we are still struggling to understand what to do with all this data, and how to know what it is telling us.
A standard practice from other global privacy laws has hit the US: privacy risk or data protection assessments (commonly known as PIAs) are now required under certain criteria for the processing of personal data in all new state laws, except Utah. Beyond regulatory compliance, a comprehensive and integrated assessment program embeds privacy by design into your organization’s data strategy and enables you to manage risk at scale.
Regulators worldwide are getting serious about children’s privacy. From the “children’s codes” established in jurisdictions like the UK and Califorina, to the recent enforcement action against Instagram and TikTok—it’s becoming increasingly clear that the web is likely to change so that children are better protected.
No comments yet
You're not signed in.
Only registered users can comment on this article.
Much of the work of security professionals focuses on securing an organisation’s perimeter and keeping malicious actors out. But one of the most significant threats to privacy and security is accidental disclosure of data by employees.
The work of privacy and security professionals looks quite different day-to-day. But these two disciplines share a lot in common, and there are areas where working in silos does not best serve the interests of employees, organisations or even users.
No comments yet