Peter Fleischer writes:
The data protection establishment, worldwide, has been inventing a lot of new privacy compliance programs. All these different, well-intentioned initiatives are meant to serve the same purpose: improve privacy protections. All of them are, or likely will soon be, mandatory for most big companies. I can hardly keep track of all the different initiatives, but here are the ones I have struggled to understand:
- Accountability
- Privacy by Design
- Privacy Impact Assessments
- Consent Decrees
- Audits (internal and external)
- Regulatory reviews
- Data Processing Documentation
- Database notifications/registrations
- Binding Corporate Rules
- Safe Harbor Compliance programs
Lots of my acquaintances in the privacy field have asked me what I think about all this: Are these programs meant to run independently, even if they overlap and cover the same ground? Does anyone have a clue how much all this will cost? Where do you turn for help to implement these programs? Can one solid privacy compliance program be implemented to meet all of these goals? Clearly, all of us privacy professionals are struggling to understand this.
Read more on Peter Fleischer: Privacy…?