Learn how to operationalize privacy by building mechanisms to help tackle the tough privacy questions and ethical dilemmas that may arise.
- As important as it is to connect privacy to your company values and evangelize the issue to your employees, to truly build a culture of privacy, you need to operationalize it. You can do this by developing documentation that guides key decisions and finding leaders throughout the organization who will support those decisions. So, let's start with developing the documentation that will guide your organization's decisions around privacy. As you begin to build momentum in your privacy program, you're going to need to start thinking about how you want the company to deal with the tough decisions.
You're going to need to create a set of internal principles that will help guide you and the company through the tough calls. These are the calls that require you to choose between valuing privacy and increasing the company's bottom line. It's the decisions made in these situations that will determine how your company is perceived by regulators, the press, and most importantly, your customers. Lay out the goals of your program, the process you will follow when making the tough calls, and the values that will drive your decisions.
Put this in one document that your executive team signs off on and supports and make sure this document is then distributed to all of your company's senior leadership. It often helps to host a workshop in which you rely on the document to help the group solve a hypothetical issue. This is a good way to help the senior leadership team understand and internalize the privacy guidelines. Now, let's turn to discussing how you can use your company's leadership to operationalize privacy. I encourage you to create an internal privacy council that can be relied upon to support and enforce the company's privacy principles.
Make sure that this group includes executives from each of your company's core teams and at least one of the members of the group should be part of the C-Suite and in a position to escalate issues to the CEO or the board as appropriate. This privacy council should meet at least once quarterly and be kept up to date by the chief privacy officer about privacy issues facing the company and your industry in general. This council can be helpful to the privacy team when the goals of the business and the internal privacy principles conflict. They can help provide perspective from different parts of the company and ultimately lead the company to a decision that is in line with the company's values.
It can also be very helpful for the chief privacy officer to have the support of a team like this especially when an issue is escalated to the C-Suite. A privacy council such as this will also help to avoid what's often referred to as forum shopping or people going to different executives or lawyers in the organization to get the answer they want. Oftentimes when teams are told by the internal privacy team that they can't use data in a certain way, they simply find a different person in the company to approve and sign off. The impact of this forum shopping is that you end up with an inconsistent approach to privacy and even worse the privacy team finds that it can't hold the line on internal rules and guidelines because teams will constantly give examples of other places in the organization where those rules or guidelines have not been followed.
To create a consistent and compliant approach to privacy, you need one group of leaders who are committed to the company's privacy values and have the authority to determine and enforce the company's direction. Developing documentation that guides key decisions and finding leaders throughout the organization who will support those decisions will help ensure consistency in your company's approach to the difficult privacy questions it will face.
In this course, Kalinda Raina, head of global privacy at LinkedIn, shows how to create a successful privacy program by building privacy into the very foundation of your company culture. Learn what privacy is, why it matters, and how to develop a privacy program that serves the interest of not only your customers, but your company as well. Discover how to tie your policies back to your corporate values, enlist privacy advocates from every level of the organization, and build privacy into the product development cycle.
- Privacy regulations
- Assessing your privacy program
- Tying privacy to your corporate mission
- Creating privacy advocates
- Building privacy into your products
- Integrating privacy into the existing business