Privacy Management Program - PowerPoint PPT Presentation

About This Presentation
Title:

Privacy Management Program

Description:

With privacy becoming an integral part of every organization today, a much more robust approach is needed to handle it. This has resulted in the creation of the ‘Privacy management program,’ which is a much more holistic and unified approach for handling privacy that can be adopted by all organizations, companies, and agencies. – PowerPoint PPT presentation

Number of Views:113
Slides: 15
Provided by: infosectrain

less

Transcript and Presenter's Notes

Title: Privacy Management Program


1
Privacy Management Program
www.infosectrain.com sales_at_infosectrain.com
2
With privacy becoming an integral part of every
organization today, a much more robust approach
is needed to handle it. This has resulted in the
creation of the Privacy management program,
which is a much more holistic and unified
approach for handling privacy that can be adopted
by all organizations, companies, and agencies.
www.infosectrain.com sales_at_infosectrain.com
3
  • Why is a Privacy Management Program needed?
  • With the introduction of GDPR in 2018 and other
    privacy laws such as COPPA and PIPEDA (Canada),
    privacy management programs have been a necessity
    for different organizations for a variety of
    reasons. The following list shows the reasons why
    this is needed
  • Copious amount of data is flowing all around
    today, and this has to be well guarded
  • Privacy is now considered a serious aspect for
    the organization
  • It infuses a privacy culture within the
    organization for both the management and
    employees of the organization
  • It also embeds privacy compliance within the
    organization
  • It increases efficiency and accuracy by
    automating privacy management activities
  • Privacy Management program reduces the
    possibility of privacy breaches and risks

www.infosectrain.com sales_at_infosectrain.com
4
  • Components of a Privacy Management Program
  • There are three important components of a PMP.
    They are
  • Organizational commitment
  • Program controls
  • Continuing assessment and revision

www.infosectrain.com sales_at_infosectrain.com
5
1. Organizational commitment As with all things,
organizational commitment is the foremost thing
that is needed to implement privacy in an
enterprise. Organizational commitment
involves I. Senior management support  Senior
management should endorse a privacy management
program fully and wholeheartedly. They should
support and endorse the privacy officer and give
them complete resources to operate the program
effectively and successfully within the
organization. II. Appointing and empowering a
 Data protection officer(DPO) or a privacy
officer A privacy officer or Data protection
officer must be appointed for the organization.
Once a privacy officer or DPO is appointed,
their role must be communicated to all within the
organization. It is the duty of the privacy
officer to establish program controls, design
employee training, and conduct regular privacy
assessments. III. Reporting mechanisms must be
established Any good privacy management program
needs good reporting mechanisms. Reporting
mechanisms ensure that the privacy program is
functioning as expected, and the reports can be
viewed by the management and the employees of the
organization. Internal review or audit process is
one type of reporting mechanism.
www.infosectrain.com sales_at_infosectrain.com
6
  • 2.Program controls
  • Program controls enable the organization to
    comply with privacy management practices.
  • Here are a few program controls that can be
    adopted
  • The first step in implementing program controls
    is to keep a record of all personal information.
    The organization must maintain an inventory of
    personal and personal identifying information
    that is collected. The inventory should contain
    information such as the type of personal
    information, the sensitivity of the information,
    the location where it is stored, the reason for
    collecting the information, and the data
    retention schedule.
  • Policies are the backbone of security landscape
    and it is an integral part of establishing
    controls in the privacy management program as
    well.
  • Policies, procedures and guidelines have to be
    laid out regarding collecting information. These
    policies enable the employees to understand more
    about collecting personal information from users,
    notifying users when collecting the information,
    obtaining consent when collecting information and
    more.
  • Training the employees on the policies,
    procedures related to the PMP, breach management
    response, conducting risk assessment are other
    program controls that can be implemented in a
    privacy management program.





www.infosectrain.com sales_at_infosectrain.com
7
  • 3. Continuing assessment and revision
  • Every program needs constant monitoring and
    revision and the PMP is no exception. This
    continuous monitoring and assessment ensures
    accountability and compliance.
  • Continuous assessment and revision involves two
    steps
  • Develop an oversight plan
  • Assess and revise the program controls
  • Develop an oversight plan
  • This plan would lay the schedule of when the
    policies and guidelines will be reviewed. In
    addition if there is a privacy breach at any
    point of time, policies and guidelines have to be
    reviewed and revised immediately.





www.infosectrain.com sales_at_infosectrain.com
8
  • Assess and review the controls
  • All controls should be regularly monitored,
    audited and revised accordingly. The monitoring
    should answer the following questions such as
  • What are the latest privacy threats?
  • Are the controls managing the latest privacy
    threats?
  • Is training being given to the employees?
  • According to the answers to the above questions,
    the replies should be documented and addressed
    accordingly.
  • These are the highlights of a privacy management
    program. Each PMP can be modified according to
    the needs of the organization. For more of
    InfoSec Trains courses and webinars, do visit us
    at this link.





www.infosectrain.com sales_at_infosectrain.com
9
About InfosecTrain
  • Established in 2016, we are one of the finest
    Security and Technology Training and Consulting
    company
  • Wide range of professional training programs,
    certifications consulting services in the IT
    and Cyber Security domain
  • High-quality technical services, certifications
    or customized training programs curated with
    professionals of over 15 years of combined
    experience in the domain

www.infosectrain.com sales_at_infosectrain.com
10
Our Endorsements
www.infosectrain.com sales_at_infosectrain.com
11
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
www.infosectrain.com sales_at_infosectrain.com
12
Our Trusted Clients
www.infosectrain.com sales_at_infosectrain.com
13
(No Transcript)
14
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1
657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Privacy Management Program" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!