What you Need to Know About the GDPR: Practical Steps to Address GDPR Compliance

May 09, 2017

While some organizations have written about the impending GDPR deadline and potential fines, or re-printed an exact copy of the text itself, TRUSTe has taken the 200+ pages of the GDPR and translated it into practical implementation steps for an organization of any size or maturity. The implementation steps are grouped into five actionable phases: Building a Program and Team Assessing Risks and Creating Awareness Designing and Implementing Operational Controls Managing and Enhancing Controls Demonstrating Ongoing Compliance A sample implementation step is developing a DPIA program, which includes creating templates, conducting DPIAs, managing remediation, and providing compliance reports. The guide also … Continue reading What you Need to Know About the GDPR: Practical Steps to Address GDPR Compliance

ROI of Privacy: Building a Case for Investment

April 27, 2017

Today we held our fifth webinar in our 2017 Privacy Insight Series, “ROI of Privacy: Building a Case for Investment”. Emily Leach, Knowledge Manager at IAPP; Paul Iagnocco, Senior Privacy Consultant, TRUSTe; and Laurel Strand, Senior Privacy Consultant, TRUSTe gave practical insight into how to develop ROI metrics for privacy programs. Below are some of the topics our panelists covered that you can incorporate when building the case for privacy. Consumers will cross the street for privacy. Over the past few years the landscape has changed – consumers know that data is being collected about them and 89% of them … Continue reading ROI of Privacy: Building a Case for Investment

3 Ways to Leverage Your Privacy Shield Certification

March 02, 2017

EU US Privacy Shield

Last week TRUSTe held a webinar “Privacy Shield Self-Certification – What’s Next?” as part of its Privacy Insight Series. If you missed the webinar you can still sign up to receive the on-demand recording and the slides. Our speakers, David Fowler, Chief Privacy & Digital Compliance Officer, Act-On Software; Amanda Gratchner, Global Privacy Counsel, NAVEX Global; and K Royal, Senior Privacy Consultant at TRUSTe discussed several different ways to enhance everything from your policies to your Privacy Impact Assessments by leveraging your Privacy Shield Certification. They also discussed how to use the Certification toward compliance with other frameworks, such as the … Continue reading 3 Ways to Leverage Your Privacy Shield Certification

Argentina GDPR-like Data Privacy Bill

February 21, 2017

As previously described in our blog post “Doing Business with Argentina Just got Easier“, change appears afoot in the land of silver’s data protection law, in order to keep pace with evolving digital technologies and global regulatory regimes. Whereas in December 2016 the Argentine Data Protection Agency (DPA) issued a report proposing changes to the national Data Protection Act (Act) after nearly a year of public consultation, this month the DPA released a draft bill to update the sixteen-year-old Act in line with many of the European Union’s General Data Protection Regulation (GDPR)’s new requirements taking effect in May 2018. … Continue reading Argentina GDPR-like Data Privacy Bill

How to Get Started with GDPR Planning

February 16, 2017

Eleanor Treharne-Jones, VP Consulting at TRUSTe will be joining Lewis Barr, General Counsel and VP, Privacy, at Janrain for the first installment of a General Data Protection Regulation (GDPR) webinar series. Lewis and Eleanor will discuss: How personal data of EU citizens can be managed and processed under this new regulation. How it applies to all organizations that offer goods or services to EU residents or monitor their behaviour in the EU regardless of location. How, if found noncompliant, your organization could face penalties as high as 4% of your global revenue. What practical steps to take to prepare for GDPR. … Continue reading How to Get Started with GDPR Planning

Submit Comments on WP 29 GDPR Guidance by Today

February 15, 2017

In December 2016 we summarized the GDPR guidelines released by the Article 29 Working Party on the “Right to Data Portability”, Identifying a Lead Supervisory Authority, and appointing a “Data Protection Officer.” The deadline for submitting comments is today. To submit comments, email  JUST-ARTICLE29WP-SEC@ec.europa.eu and presidenceg29@cnil.fr. To learn more about TRUSTe EU GDPR solutions, or to speak with a consultant, contact us.