The increasing number and complexity of privacy laws, like the upcoming California Privacy Rights Act, as well as the continued emergence of good privacy practices and compliant data use as a competitive differentiator, have been the driving force for organizations to shift focus from tick-the-box compliance exercises to automated privacy solutions.
To maintain consumer trust and avoid brand damage due to costly data breaches, companies must implement integrated data governance principles and procedures. Given the amount of data that businesses collect, process, and store, as well as the speed at which that data is managed, effective and efficient human and technology systems must be implemented, updated, and maintained on a regular basis.
However, understanding and maintaining up-to-date data retention strategies is one of the numerous obstacles that privacy professionals deal with and is often the blind spot in the privacy program, especially with the varying laws across jurisdictions. How can organizations integrate enforcement of policies like data retention, data minimization, access requests, etc. across the organization’s IT ecosystem?
Learning Objectives:
- Describe existing and emerging data retention obligations
- State the risks of failing to operationalize retention programs
- Create a collaborative process for security and privacy teams to work together
Panelists:
Travis Brennan, Shareholder and Chair of Privacy & Data Security, Stradling Law
Robert Fowler, Director of Strategic Partnerships, Exterro
Originally aired November 17, 2022
