GDPR basics: business process prioritization

View all episodes of the "KPMG Privacy" video series.

Transcript

Austyn:

• Welcome to the second “how-to” GDPR video in KPMG’s privacy video series dedicated to discussing GDPR program basics.
• This video will focus on how to prioritize the implementation of your privacy program.
• Most privacy functions have limited resources with which to undertake tasks.
• It is important to balance establishing broad privacy coverage while addressing high risk areas.

Steve:

• Privacy coverage involves spanning multiple types of personal data. (this may include customer, employee, vendor)
• It also means involving affiliates and business units of various size, locations, maturity levels
• Addressing high risk areas requires spotlighting those business processes that process significant amounts of personal and/or sensitive personal data, along with innovative – new technology (for example Internet of Things) or  secondary approaches to personal data processing.
• Ask yourself: what are the top business processes spanning different business areas that present a higher risk to individual’s privacy? 

Austyn:

• As you engage with different business units across the organization it’s important to take the opportunity to educate stakeholders and management the on privacy fundamentals underlining these activities.
• Next, we will move into three videos addressing personal data under GDPR.
• We appreciate your time and attention.
• Thanks for watching.