Adam Stone has over 30 years’ business leadership experience with 19+ years overseeing data privacy and security functions for healthcare, insurance, financial services and marketing organizations. Stone’s experience spans a broad array of global privacy and data security laws, regulations, standards and guidelines. He provides executive-level advice and mentorship to enable the implementation and maintenance of effective data privacy and security programs for organizations large and small. Secure Digital Solutions is an award-winning Minneapolis-based management consultancy focused in data security and privacy advisory and cybersecurity performance management services to organizations across the United States and abroad. Stone earned his MBA from the University of St. Thomas and BA from the University of Minnesota-Twin Cities.
This session focuses on two influential laws driving the current data privacy agenda for organizations large and small. The General Data Protection Regulation (GDPR) applies broadly to any organization that processes personal data about folks in the European Union. The California Consumer Privacy Act of 2018 (CCPA), passed shortly after GDPR went into effect, defines similar data protection obligations for for-profit entities who process personal data about California residents. Both laws have wide-reaching effects due to their scope. Organizations that worked towards compliance with GDPR may be able to leverage those same processes to enable the rights defined in CCPA.
• What is the internal auditor’s role in GDPR and CCPA compliance?
• What ought the internal auditor know about these privacy mandates?
• How can internal auditors add value in the ever changing world of data privacy regulation?