A global client required an experienced partner to implement a standard Data Privacy Framework across their world-wide operations.
After realising that many countries are upgrading or reviewing their existing Data Privacy legislation the client concluded they needed an effective single, common framework that could be rolled out globally. This would protect their large and strategic markets, as well as assure leadership that the organisation was operating inline with their vision and aspirations.
Taking into account for local variations in legislation, a global programme of work was defined and implemented. Common to all modern Data Privacy legislation are core control topics, where identical principles, policies and procedures can be adopted. These common topics require the same accurate operational data so strong controls can be built.
The programme team engaged many departments across all countries to gain accurate and current information on relevant vendors, systems and data. Justifications were defined for the processing, storage, and transfer of data across country borders, and targeted training and presentations made as part of a company wide communication campaign.
The end result was a significant increase in Data Privacy awareness and a functioning Data Privacy Framework that allows for efficiency of scale and the ability for leadership to monitor the maturity of each country against relevant risk appetites. The core information is now available for central functions like procurement teams, helping to enable their strategic intent.
If you have a regulatory change project requiring leadership, direction and delivery, please contact us to see how we can help.