February 28, 2021

Volume XI, Number 59

Advertisement

February 26, 2021

Subscribe to Latest Legal News and Analysis

February 25, 2021

Subscribe to Latest Legal News and Analysis

Developing a Right-Sized Privacy Program

Later this week, January 28, 2021 will mark International Privacy Day: a day corporations release educational efforts around privacy and data protection. There are many reasons to approach privacy proactively in 2021: (1) January 28 will mark the second week of a new US administration, one which will likely focus more on privacy and data security; and (2) laws and enforcement in this area continue to change and develop, as we reported last year. With this in mind, privacy and data security practitioners may find themselves behind with reactive approaches. Reactivity is also costly, both monetarily and resource-use wise.

To be proactive, companies can take an adaptive approach to customized privacy compliance to their organization. One that, instead of needing constant modification as laws or practices change, can grow and adapt as those inevitabilities occur. An adaptive privacy program, most critically, is both aligned with and supportive of the organization’s underlying mission, vision and goals. Such a program is bespoke to the organization, and avoids extraneous elements or those that do not account for the company’s ultimate activities and needs. The program also takes into account both regulatory and litigation risk, and is flexible enough to adapt as those change. Finally, it is a program that the organization can get behind and support. From line managers to senior leadership, it is a program that is digestible and around which people can easily be trained.

Putting it Into Practice: In recognition of Privacy Day 2021, this week’s blog series walks through core elements for developing a right-sized privacy program, one that will ideally provide better legal protections than taking an off-the-shelf, create-it-as-you-fly-the-plane approach.

Advertisement
Copyright © 2020, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XI, Number 25
Advertisement

TRENDING LEGAL ANALYSIS

Advertisement
Advertisement

About this Author

Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...

312-499-6335
Advertisement
Advertisement