A constantly changing legal and regulatory environment is the “new normal” for privacy. The EU GDPR had a significant global impact since 2018 and inspired many other countries to renew their data protection regulations.  The California Consumer Privacy Act (CCPA) went into effect in 2020. In addition, the global health crisis created concerns around new and emerging uses of personal data such as contact-tracing apps, telemedicine and network thermometers.

As the complexity of privacy regulations increases, so does the responsibility for organizations to manage personal data and ensure their security and privacy teams are aligned to respond to potential privacy breaches. Data breaches are a constant threat for all organizations, and no matter how many policies, strategies or defenses there are, sooner or later a skilled attacker will be able to compromise them.

In this presentation, Marc shows the importance of having a strong privacy practice including having robust policies, processes and tools in place to help manage data privacy and breach notification requirements. Employees should be regularly informed via training about basic privacy practices.  HR, legal, compliance, security and IT are some of the teams affected by privacy and need to participate. In short, privacy is a team sport, and so are privacy breaches.

The presentation shows which 5 steps need to be followed when a data breach occurs and mentions 10 appropriate technical and organisational measures to avoid possible data breaches.