ARE YOU FULLY COMPLIANT?
Mind the Privacy Compliance Gap
Do all your products & services meet the growing list of state privacy laws?
With an ever-increasing number of privacy laws being enacted, privacy practitioners are constantly playing catch-up. Updating your products and services to ensure the correct default age of consent for each state's privacy law, for example, can create significant delays for product development teams if it is done on an ad hoc basis.
The ISO31700 Privacy by Design standard helps you meet the challenge by:
- scaling your privacy program to engage consumers and organisational stakeholders,
- facilitating constructive discussions, and
- demonstrating value to the business through measurable KPIs.
Getting privacy compliance under control is easy with the ISO31700 Privacy by Design standard.
Use our ready-to-go templates, consumer preference studies and stakeholder training.
WHAT IS THE ISO31700 PRIVACY BY DESIGN STANDARD ABOUT?
Consumer Centricity
Getting Views & Preferences
Getting consumer views provides several clear benefits. First and most importantly, practitioners will be able to tell if the privacy protections implemented are actually working as intended. Second, the insights gained can help build an evidence-based approach to improvements. Third, such insights will likely also be of interest and benefit to other stakeholders. Sharing them will help the organisation realise the depth of impact consumer privacy awareness is truly having on the business.
Stakeholders
Multidisciplinary Approach
The standard very much acknowledges the need for and assumes a multi-disciplinary approach to integrating privacy controls into products. With practices such as ‘dark patterns’ on the regulatory radar, embedding cross collaborations with technical experts, such as user experience designers and data specialists, has never been more important.
Use Cases
Maintaining a Balanced Focus
Use cases allow privacy practitioners to have constructive discussions around product impacts holistically. This is especially important when contextual factors in innovative business models, third party data sharing and emerging technologies are raised.
Measurable
Managing what you measure
A practical and needed modernisation brought by the standard is its requirement for Privacy by Design programs to establish measurement methods and metrics, in deployment and operations.
All your documentation sorted
Designed to be a companion piece to the Privacy By Design Lead course, it includes the:
* Privacy Program
* Communications Plan
* Risk Management Plan
* Privacy Controls Plan
* Product End Of Life Plan
Develop Supporting Evidence for Your Privacy Program
- Measure the effectiveness of your privacy program, customer privacy preferences and its impact on the business
- Develop evidence to support a business proposal and/or to justify your privacy program initiatives
- Gain traction at the executive table, by shifting the focus of your privacy program from that of compliance, to helping the business develop consumer trust and brand loyalty
Get data stakeholders on board
This course is designed to help provide Data Specialists with background information on guiding principles when contributing to designing privacy controls.
Get user experience stakeholders on board
This course is designed to help provide User Experience Specialists with background information on guiding principles when contributing to designing privacy controls.
Step by Step Program
The Privacy By Design Lead course is designed for anyone looking to implement the ISO 31700 Privacy By Design standard in their organisation. It assumes no previous knowledge and covers the following topics:
- What is Privacy by Design?
- Why is Privacy By Design important?
- The ISO 31700 standard
- Program Requirements
- Managing Communications
- Risk Management
- Privacy Controls
- End of Life Product Management
Developed with Privacy Expertise
The templates, course and consumer preference study were developed by Christopher Tia - CIPP/US, CIPP/E, CIPT and certified ISO27001 Internal Auditor, NIST CSF, COBIT, OneTrust Professional and Advanced SOC.
Christopher is Principal of Lean Prototype Machine, a boutique privacy and information security compliance consulting service. We work with high growth companies that are looking to implement ISO27001, SOC, NIST CSF or comply with the CCPA, HIPAA and GDPR.
Christopher Tia
Principal
Chris is an experienced digital data technologist specialising in privacy and data protection solutions. He helps organisations:
- Manage online risk to protect business reputation, continuity and consumer trust
- Integrate governance processes, benchmarks & standards to protect digital & data assets
- Initiate strategic change by increasing awareness of data protection policies, obligations & best practices
- Automate privacy operations to meet regulatory requirements and demonstrate compliance
Chris has an extensive background in system analysis, technical infrastructure design and applications development, with hands-on experience across varied technologies including telecommunications, high availability systems, eCommerce, RPA, Process Mining, data analytics, API micro-services and cloud-based platforms.
B. Science (Computer Science), B. Laws (Hons), M. Commerce, Grad Dip (Legal Practice)
We have helped ... a trusted infrastructure consulting firm, who partners with clients to solve the world’s most complex challenges and build legacies for generations to come.
We have helped ... a provider of the most advanced body composition scanner on the market, offering a full digital solution for the health and fitness industry.
Have a Question?
Schedule a time to have a quick chat.
© 2023