TrustArc Blog

What you Need to Know About the GDPR: Practical Steps to Address GDPR Compliance

May 09, 2017

While some organizations have written about the impending GDPR deadline and potential fines, or re-printed an exact copy of the text itself, TRUSTe has taken the 200+ pages of the GDPR and translated it into practical implementation steps for an organization of any size or maturity. The implementation steps are grouped into five actionable phases: Building a Program and Team; Assessing Risks and Creating Awareness; Designing and Implementing Operational Controls; Managing and Enhancing Controls; and Demonstrating Ongoing Compliance. A sample implementation step is developing a DPIA program, which includes creating templates, conducting DPIAs, managing remediation, and providing compliance reports. The guide also …

Privacy Program Management: A Framework for Success Webinar Recap

April 03, 2017

TRUSTe General Counsel and Chief Data Governance Officer Hilary Wandall gave a webinar where she discussed how to support each phase of building a privacy program by using a clear framework, standards, and operational controls. The discussion also included tips on how to make accountability effective in an organization, and what accountability looks like in practice. If you missed it, click HERE to listen to the entire webinar on demand. One of the topics covered was how to get started. To get started with a privacy program, first you have to decide upon a model. Some important considerations are: What …

Important Privacy Shield Requirements for Pharma & Medical Companies

March 28, 2017

By Emily S. Yu, Privacy Solutions Manager, TRUSTe

The EU-US Privacy Shield framework is an approved transfer mechanism for personal data from the EU to the United States, meaning that once self-certified, companies have “adequate” protections in place when transferring personal data. Businesses involved in clinical, medical and other forms of scientific research may not be aware that there are specific requirements under Privacy Shield that apply to those fields. The requirements may create the need for additional privacy policy controls, so companies in those fields should check to ensure that all requirements are being met. These requirements are addressed in …

3 Ways to Leverage Your Privacy Shield Certification

March 02, 2017

Last week TRUSTe held a webinar “Privacy Shield Self-Certification – What’s Next?” as part of its Privacy Insight Series. If you missed the webinar you can still sign up to receive the on-demand recording and the slides. Our speakers, David Fowler, Chief Privacy & Digital Compliance Officer, Act-On Software; Amanda Gratchner, Global Privacy Counsel, NAVEX Global; and K Royal, Senior Privacy Consultant at TRUSTe discussed several different ways to enhance everything from your policies to your Privacy Impact Assessments by leveraging your Privacy Shield Certification. They also discussed how to use the Certification toward compliance with other frameworks, such as the …

TRUSTe Gears up for Data Privacy Day

January 13, 2014

January 28th is Data Privacy Day and TRUSTe is helping to raise awareness with four key events that you should check out.

January 28: Powering Trust Speaker Series – London

TRUSTe hosts the first event in the Powering Trust Speaker Series on Data Privacy Day at The Hospital Club in London. Join us to learn how organizations, policy makers and regulators can find balance between prosperity and privacy in 2014. New research into the levels and causes of consumer online privacy concern on both sides of the Atlantic will be followed by a thought-provoking discussion led by European privacy expert …

Dictionary.com Announces the 2013 Word of the Year: Privacy

December 19, 2013

On Wednesday, Dictionary.com announced that it had chosen “privacy” as the word of the year for 2013, quite a change from last year’s selection of “bluster”. The past year has been filled with events that rocked the media landscape and changed the way people thought about privacy. The introduction of Google Glass and Edward Snowden’s revelations about Government surveillance were just two of the major events that Dictionary.com cited as reasons for selecting privacy as their word of choice. According to Dictionary.com, privacy is defined as “the state of being free from intrusion or disturbance in one’s private life or …