Best Practices for Data Privacy

by Sarah Harvey / May 29th, 2019

From GDPR, CCPA, PIPEDA, and so many other new data privacy laws going into effect, knowing which laws you need to comply with and how you should go about complying with them may seem like a daunting task. In this webinar, our Director of Regulatory Compliance, Mark Hinely, will discuss how organizations can perform their due diligence to ensure that they’re protecting their consumers’ privacy and will cover industry-accepted best practices that you can follow to lay the groundwork for future data privacy frameworks.

What are Best Practices for Data Privacy?

If your organization is questioning what best practices for data privacy you should follow, Mark Hinely provides four that can help you get started:

  1. Create an internal privacy framework
  2. Do more with less data
  3. Automate compliance efforts
  4. Get specific about your internal and external privacy posture

How Can You Establish an Effective Internal Privacy Framework?

An effective internal privacy framework is the foundation of your organization’s data privacy compliance efforts because it lays out what and how you’ll comply with the many privacy requirements applicable to your organization. Typically, when an organization creates an effective internal privacy framework, they’ll take the following into consideration:

  • Notices and disclosures
  • Access (Internal and External)
  • Breach notification
  • Consent
  • Risk
  • Designated responsibilities
  • Data retention
  • Vendor management

Like internal security programs established by organizations, however, there’s always sector- and organization-specific considerations that must be taken into account when creating an effective internal privacy framework. For industries such as healthcare, marketing, or education, there might need to be additional considerations regarding access to data or data retention. Organization-specific considerations, such as a debt collection agency, also needs to consider the types of data and processing they’ll use. Once these considerations have been made and the internal privacy framework has been designed, organizations need to document and implement it.

Overall, when you establish an effective internal privacy framework, you set your organization up for success when you’re faced with achieving multiple privacy considerations. If you want to learn more about industry-accepted best practices for data privacy and how they could benefit your business, watch the full webinar now. For more information on how KirkpatrickPrice can help you with your data privacy compliance efforts, contact us today.