GDPR basics: business process prioritization
This “how-to” GDPR video will focus on how to prioritize the implementation of your privacy program.
View all episodes of the "KPMG Privacy" video series.
Transcript
Austyn:
- Welcome to the second “how-to” GDPR video in KPMG’s privacy video series dedicated to discussing GDPR program basics.
- This video will focus on how to prioritize the implementation of your privacy program.
- Most privacy functions have limited resources with which to undertake tasks.
- It is important to balance establishing broad privacy coverage while addressing high risk areas.
Steve:
- Privacy coverage involves spanning multiple types of personal data. (this may include customer, employee, vendor)
- It also means involving affiliates and business units of various size, locations, maturity levels
- Addressing high risk areas requires spotlighting those business processes that process significant amounts of personal and/or sensitive personal data, along with innovative – new technology (for example Internet of Things) or secondary approaches to personal data processing.
- Ask yourself: what are the top business processes spanning different business areas that present a higher risk to individual’s privacy?
Austyn:
- As you engage with different business units across the organization it’s important to take the opportunity to educate stakeholders and management the on privacy fundamentals underlining these activities.
- Next, we will move into three videos addressing personal data under GDPR.
- We appreciate your time and attention.
- Thanks for watching.
Strategy and governance
Cyber security: it’s a business issue, not just an information technology issue.
Read more