The DPIA process is important. In this podcast we look at it from the organisational perspective. How do you make it work - not legally or technically - but organisationally.

You find the presentation here: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Presentations/20240405_masterclass_DPIA.pptx.pdf

It:

• Supports good decision-making,
• Good governance
• Compliance
• Often no DPIA is required – documents the non-action
• It is also good practice to do a DPIA for any other major project which requires the processing of personal data. (ICO)

However, data protection often doesn't now when a new system is coming on board.

It is a cultural issue and we have to do many things to chance it:

• Training and awareness
  • Don’t forget VIP’s
• Let’s put it in a policy (and get it out there)
• Hybrid organisation and ambassadors
• We have a process (or more)
• We have buy-in
• Ask…

That is what you'll learn about in this podcast.

Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com

Wired Relations is a GRC solution - tailored for privacy and information security.

We help organisations turn fragile privacy and information security into sustainable GRC programmes.

We focus on four things:

• Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.
• Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.
• Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.
• Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

Shifting Privacy Left is a conscious effort to embed privacy practices earlier in the development life cycle to prevent privacy harms and data breaches from forming, Privacy Tech Advisor Debra Farber says.

In this interview Debra Farber and I discuss what Shifting Privacy Left does, how it helps organisation, what competencies are needed and how it is implemented.

My take-aways from the interview:

• Privacy requirements should be table stakes and functional product requirements, not something that comes from legal or the privacy team.
• Privacy by Design is the strategy, Shifting left is the implementation.
• It's a cultural shift which requires upskilling. Today, most developers, don't think privacy is their responsibility. Therefore, they should learn about privacy and data protection.
• Shifting Privacy Left can solve problems, lessening the compliance burden down the line.

You host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/

Debra J. Farber is a globally-recognized Privacy, Security and Ethical Tech Advisor and Principal and Host of The Shifting Privacy Left Podcast.

The Shifting Privacy Left Podcast: https://shiftingprivacyleft.com/audio/8323

Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.com/datasustainability

Making a Data Protection Impact Assessment (DPIA) on Google Workspace for schools is a huge undertaking. In Norway they've decided to collaborate on it.

Today, Jacob Høedt Larsen, talk to project manager, Ida Thorsrud, about the project and learnings from it.

Some take-aways:

• It has been possible to co-operate with Google in the proces, something that Ida has never experienced before
• Parents, teachers and pupils are involved and give the project team a much better view of risks to the "data subject"
• Project participants learn a lot from the process that can be put to use in their everyday job
• Responsibility lies with the municipalities. Therefore, the project aims at making it 80 % ready.

You can follow the project by subscribing to their English newsletter:
https://nyhetsbrev.ks.no/p/s/MTk4ODA6ZmUyZjg3ZTQtYWZmYS00NGZjLWE2MzItYmNkNjFlNmEyOTBm

Follow your host, Jacob Høedt Larsen, on Linkedin for more news and views on Sustainable Compliance: https://www.linkedin.com/in/jacobhoedtlarsen/

Sustainable Compliance is brought to you by Wired Relations - read more about us here.