In organizations with higher levels of program maturity, privacy is an integral part of decision-making processes, product development, and overall organizational strategy. To become strategic enablers of innovation within their organizations, privacy teams must establish comprehensive data governance frameworks and ensure that data is handled responsibly, ethically, and in compliance with relevant regulations.  


Join this session to learn from OneTrust experts about how to enhance your privacy program maturity to: 
• Deliver strategic business value with first-party data  
• Create dynamic end-user experiences 
• Improve enforcement, validation, and risk mitigation

Unlocking data as a strategic asset

As your data privacy program matures, your approach shifts from reactive task-driven work to proactive planning for new company initiatives and emerging privacy regulations. To succeed, your privacy initiatives need more structure, leadership accountability, and improved change management, along with better visibility into your overall data privacy posture. 

Join this session to learn from OneTrust experts about how to take your data privacy programs to the next level by:  
• Building upon your existing capabilities and leveling up your teams 
• Partnering more closely with marketing teams to build first-party data 
• Automating your core privacy workflows

Integrating privacy strategically into your business

Many companies are in the early stages of their data privacy journey. At the beginning, many teams are focused on responding to compliance initiatives, completing tactical requests, and creating ad-hoc policies and records. With limited resources, low visibility, and manual spreadsheet-based processes, teams struggle to get ahead of meeting basic requirements to achieve higher levels of program maturity. 

Join this session to learn from OneTrust experts about how to build a strong privacy foundation to: 
• Achieve your compliance objectives 
• Build and grow a strong privacy culture 
• Use technology to ease the burden of manual tracking 
• Lay the groundwork for more strategic privacy programs

Building foundational data privacy compliance

Prepare your organization for the new wave of US privacy laws! 

This session will guide you from the basics of the latest legislation to the practical steps necessary for operationalizing these laws within your organization. Gain actionable strategies to ensure your organization not only understands the new regulations but also effectively implements them for long-term compliance and data protection. 

Key takeaways: 
• Comprehensive overview of the latest US data privacy regulations and updates impacting businesses 
• Expert insights on bridging the gap from legislation to operational readiness 
• Learn how OneTrust Privacy & Data Governance solutions help organizations not only meet compliance, but also evolve their data privacy program to become a strategic enabler for the business

From legislation to operation: How to prepare for the new wave US Privacy laws

In today's dynamic business landscape, effective risk management is essential for organizations to safeguard their assets, reputation, and long-term success. 

During this webinar, our expert panel will delve into the intricacies of measuring the return on investment (ROI) of your risk management program. We will explore practical strategies, methodologies, and key performance indicators (KPIs) to help you quantify the value your risk management initiatives bring to your organization. 

Attendees will learn how to: 
• Define and align measurable objectives for your risk management program. 
• Identify relevant KPIs to assess the effectiveness of your risk management efforts. 
• Techniques for collecting and analyzing data to measure ROI accurately. 
• Evaluate the financial and non-financial impact of risk management activities. 
• Communicate ROI findings to stakeholders for enhanced decision-making.

How to Measure the ROI of Your Risk Management Program

The NIST Cybersecurity Framework (CSF) is among the latest frameworks under construction. As one of the go-to references for businesses of all sizes, NIST CSF provides a blueprint for cyber resilience, but operationalizing theory into practice can be a challenge, especially for enterprises complying with multiple frameworks or standards.

In this session, we’ll highlight the core objectives of NIST CSF, the proposed changes in the latest draft of NIST CSF, how these updates influence InfoSec and risk programs, including overlap and synergies with other frameworks, and discuss key areas where businesses can introduce or evolve automation to transform point-in-time compliance projects into continuous improvement initiatives to mature their programs over time.

Webinar insights include:
• Review what’s changing with the NIST CSF framework updates and potential impacts to your InfoSec program.

• Understand how this update correlates with other NIST family frameworks such as NIST SP 800-53, NIST SP 800-171, NIST AI RMF, and more.

• Evaluate the synergy and overlap of NIST CSF with broader InfoSec requirements and the nature of evolving security compliance.

• Identify key areas of consideration to have technology support your broader InfoSec goals and strategy.

Empowering your cyber defense: Key insight into the latest NIST CSF update w/PwC

InfoSec program management could be more efficient in supporting the real-time needs of CISOs as they address the growing complexity of internal and external risks. Organizations across the maturity curve are looking for new ways to operate and break away from the resource-intensive status quo - which often relies on antiquated tools, siloed processes, and over-investment in third parties — to put a more flexible, scalable, cost-effective approach into action.

In this session, we'll introduce a more efficient mechanism to translate complex (often ambiguous) compliance requirements into repeatable business practices that can be readily evidenced and reported on.

Learning Objectives:
• Understand the limitations of InfoSec practices in today's risk landscape.
• Identify five critical areas of automation prime for organizations to improve InfoSec compliance programs and projects.
• Recognize system opportunities to alleviate custom development and API maintenance.
• Translate program efficiencies into measurable benefits and results for the business.

Modernize InfoSec | A Rosetta Stone for Translating Compliance

InfoSec program management is too inefficient to support the real-time needs of CISOs as they address the growing complexity of internal and external risks. The status quo - which often relies on antiquated tools, siloed processes, and over-investment in third parties - must yield to a more flexible, scalable, cost-effective approach. 

In this session, we’ll introduce a new approach to enterprise-wide program development and automation that can meet the modern complexity of businesses today. 
• Understand the limitations of InfoSec practices in today’s risk landscape.

• Identify five key areas of automation prime for organizations across the maturity spectrum.

• Translate program efficiencies into measurable benefits and results for the business.

5 automation trends to modernize InfoSec compliance

PCI DSS is an expansive framework with specific requirements that span multiple levels of compliance. Whether you’re evaluating PCI DSS for the first time, or maintaining compliance year over year across your businesses, this complex framework can be a significant undertaking. From scoping your business needs, to monitoring the vast set of control requirements PCI DSS projects and tasks can quickly consume valuable InfoSec resources.

In this session, we’ll highlight key areas of automation that can transform point-in-time compliance projects into continuous improvement initiatives to streamline audits, measure program processes, and save your organization time and money.    

Key takeaways:
• Build readiness projects to identify your current standing and generate the required controls, policies, and evidence tasks to address any program gaps. 
• Establish a common baseline to reinforce security controls consistently across different areas of the business. 
• Test once, comply many with our proprietary evidence framework to avoid collecting duplicative evidence tasks across over 31 leading InfoSec frameworks. 
• Integrate directly into your tech stack to collect evidence in scope and on time without interrupting your line of business.  
• Leverage a dynamic system of controls, policies, and evidence tasks that can seamlessly transition to PCI DSS v4.  
• Accelerate the progress of your audit as you work with your compliance partners or qualified security assessor (QSA) to meet framework-specific requirements.

PCI DSS Compliance: Scope & streamline monitoring with Certification Automation

Join us for an insightful panel discussion on the intricacies of data privacy in the digital age. Our expert panelists will delve into the ever-evolving EU-U.S. Data Privacy Framework and the critical aspects of data transfers across the Atlantic. 

In this webinar, you will gain a comprehensive understanding of the key challenges and opportunities surrounding data protection, security and compliance in the EU and the U.S. Our distinguished speakers, with their vast experience in data privacy, will: 

• Unpack the intricacies of the EU-U.S. Data Privacy Framework, including the EU General Data Protection Regulation and Privacy Shield. 
• Discuss the latest developments in data transfer regulations and their implications for businesses. 
• Share best practices for ensuring the secure and compliant transfer of data between the EU and the U.S. 
• Offer insights into the legal, technological and organizational strategies for safeguarding data privacy. 

Whether you are a data privacy professional or a business leader, this panel discussion will provide you with valuable knowledge and actionable insights to navigate the complex landscape of international data transfers.

Bridging the Atlantic: EU-US Data Transfers & The Data Privacy Framework

In this session, we'll provide a comprehensive global regulatory update, highlighting the latest developments and trends shaping the data privacy landscape. From emerging regulations to evolving compliance standards, we'll navigate through the key challenges and opportunities facing organizations worldwide. 

But that's not all – we'll also explore effective compliance solutions tailored for the dynamic environment of 2024. Our privacy experts will share practical insights and best practices to help you steer your organization toward compliance success amidst ever-changing regulatory requirements. 

Key takeaways: 
• Comprehensive overview of the latest global data privacy regulations and updates impacting businesses in 2024 and how to prepare.
• Best practices for ensuring data privacy compliance across different regions and industries.
• Learn how the OneTrust Privacy & Data Governance Cloud helps organizations not only meet compliance, but also evolve their data privacy program to become a strategic enabler for the business.

Navigating data privacy in 2024: Global regulatory updates & compliance strategy

Data privacy efforts have evolved from simple regulatory compliance initiatives to a customer trust imperative dependent on the responsible use of data across its entire lifecycle. To build trust-based personalized experiences, organizations must evolve their data privacy programs from early phases to higher levels of maturity.

Watch this on-demand webinar to hear from Ojas Rege, SVP & General Manager of the OneTrust Privacy & Data Governance Cloud, about the newly released data privacy maturity model and how your privacy teams can move beyond compliance to become strategic enablers for your business.

Data Privacy Maturity: Unlocking Value Through Responsible Use of Data

The process of creating, distributing, and analyzing PIAs and DPIAs requires automation to effectively and efficiently achieve “privacy by design.”  

In an era of heightened data concerns and evolving privacy regulations, businesses face the critical task of ensuring the protection of sensitive information. Join us for an informative webinar where we delve into the transformative power of Privacy Impact Assessments (PIAs) and how automation can be a game-changer in integrating privacy seamlessly into your organizational processes. 

Key takeaways from this webinar: 
• PIAs role in identifying and mitigating privacy risks, and how they align with global privacy regulations
• The principles of Privacy by Design and the importance of integrating privacy considerations from the outset of any project or system development 
• How automation can streamline the PIA process, ensuring efficiency, accuracy, and scalability in assessing and managing privacy risks across your organization 
• Demo of the OneTrust PIA and DPIA Automation solution

Embedding Privacy by Design through PIA Automation

In 2023 more American organizations than ever need to comply with stricter and wider-reaching requirements for collecting and processing personal data. There are several active state laws and over 30 state bills currently in legislation. Enforcement actions taken at the state and federal level are introducing new requirements and guidelines for privacy programs.   
 

In this session we’ll dive into what you need to know to stay ahead of the shifting US privacy landscape and:  

Lessons learned from CCPA's first enforcement action and investigative sweeps  

Key takeaways from FTCs enforcement on using PHI for advertising and data retention  

A look ahead to AI oversight in the US and how a robust privacy program can extend into this new wave of technology regulation

The Shifting US Privacy Landscape

In an increasingly digital world, ensuring the protection of personal data is paramount. In this session privacy experts shine a spotlight on two of the latest states to join the US Privacy landscape, Oregon and Delaware. Experts will provide an overview of the two new laws, what they mean for your business and how they differ from other state legislation. They also discuss the key requirements of each of these state privacy laws, including the scope, applicability, and compliance obligations.

The road to privacy compliance: A spotlight on Oregon & Delaware legislation

On February 8th, 2023, the International Organization for Standardization (ISO) adopted Privacy by Design as ISO 31700. With 30 requirements, the standard includes guidance on designing capabilities to enable consumers to enforce their privacy rights, assigning relevant roles and authorities, providing privacy information to consumers, conducting privacy risk assessments, establishing and documenting requirements for privacy controls, how to design privacy controls, lifecycle data management, and preparing for and managing a data breach. 

Speakers from the Product team and Privacy Center of Excellence at OneTrust dive into ISO 31700 Privacy by Design guidelines and how to implement privacy by design for your business.  

Key takeaways: 

Overview of ISO 31700  

Key considerations for implementing a PbD framework for your organization  

A look at OneTrust’s Privacy by Design solutions

Privacy by Design becomes an ISO standard

On July 1, 2023, privacy laws in Colorado and Connecticut entered effect. While the laws carry many similarities to other state laws already in effect, there are nuances that introduce new requirements for US Privacy compliance programs.   
 

Watch this session to learn about the new laws in effect, how to comply and:  

Key requirements of Colorado’s CPA and Connecticut CTDPA   

How these laws compare with other state laws in effect or waiting to go into effect  

Operational considerations for organizations that fall under scope

Now in effect: Colorado and Connecticut Privacy Laws

Several new states have signed privacy legislation in 2023 including; Indiana, Montana, Tennessee, Texas, and Florida. Watch this on-demand webinar for an overview of the new laws as privacy experts discuss key requirements, including the scope, applicability, and compliance obligations.

Preparing for Indiana, Montana, Tennessee and Florida state privacy laws

The topic of international data transfers has been a contentious subject since the Court of Justice of the European Union (CJEU) rules on the Schrems II case, invalidating the EU-US privacy shield and changing the way organizations manage persona data transfers overnight. Beyond the question of legality between transferring data between the US and the EU, data transfers are brought to the forefront in other regulatory updates including the UK Data Protection Bill, China’s PIPL, Canada’s PIPEDA, UAE’s PDPA. 
 

To effectively manage data transfers and mitigate risk of non-compliance with respect to global data transfer requirements, organizations need to document, assess, and mitigate the risk of data transfers, and provide consumers with notice and choice to share data with third parties. Join OneTrust product and customer success experts for a look at the latest features and enhancements for managing data transfers. 

Key takeaways: 

A look at recent enforcement actions and regulatory activity impacting data transfers in the EU and US 

Key requirements for managing data transfers holistically 

A demonstration of OneTrust’s latest data transfer management enhancements

Managing Data Transfers

OneTrust

Data Transfer

Data Management

Risk Mitigation

Global Data

Customer Success

Regulations

Data

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Managing Data Transfers

Presented by

About this talk

More from this channel