Mastering Data Privacy
As more states consider data privacy regulations, much of the legislation in question share a few common features. Among them, in no specific order, are:
- New consumer rights over business use of personal data
- Fines or fees for breaches of personal data
- Requirements that only personal data with a business use be held
While the more specific aspects of each piece of legislation may vary widely, those features seem to make up the foundation of a number of bills sitting in U.S. state congresses (some states are still determining whether to include individual rights of action, for example). Many organizations are attempting to answer a number of questions pertaining to what data they store, why they store it, how they’ll respond to consumer requests for that data, and who can access it—inside or outside the organization.
For many businesses, those features require new enterprise infrastructure and changes to processes in order to comply. In this guide, we’ve outlined five major principles that will help companies master their data privacy processes and maintain compliance with the law:
- Mastering Your Data
- Mastering Data Subject Access Requests (DSARs)
- Mastering Third-Party Vendor Management
- Mastering Data Retention and Harmonization Practices
- Mastering Incident and Breach Management