The Personal Data Supply Chain: What it Means to You and Your Company Now
First it was GDPR, now CCPA, bottom line, the focus on privacy and the rights around personal data are now just a part of business. While there has been a lot of talk around compliance with different privacy regulations, often lost in this discussion is how companies need to adapt going forward, and that compliance is not just a one-time exercise. In this session, we will explore how the controls around the privacy of personal data are more than just a technical challenge. We will show how without sound business process changes along with updated methodologies in place, companies will still fail to provide environments that others in your ‘personal data supply chain’ will want to transact and partner with going forward.
As auditors, our audit plans, schedules, scopes, and programs need to be adjusted in more than just technical areas. We will explore how this supply chain impacts audit planning across your organization. The risk is real, not just from an individual perspective, but also from a business partner perspective as well, as auditors, we must be reviewing how the risks are being addressed.