How to Effectively Engage Boards on Privacy
Information privacy is a significant risk for many organizations, and recent laws (GDPR, CCPA) and high-profile news stories and fines have made this a board room concern.
As a newer discipline, many people do not yet know how to communicate effectively on privacy risks and the actions that Boards need to take to be informed and to help organizations take appropriate steps to manage the personal data that they have.
This presentation will provide a framework to prepare for, deliver, and follow-up on privacy related risks and themes with a board level audience and key areas that auditors and other people for whom privacy is not their day-job can provide a useful perspective.
Fellow of Information Privacy
Aaron has over 20 years of global consulting and industry experience. After 5 years leading PwC’s Privacy practice for the West Coast, he spent a year helping a leading technology company with their GDPR implementation efforts and now provides strategic privacy advice to companies looking to innovate their use of personal information.
Aaron transitioned his focus from Information Security to Information Privacy beginning in 2008, and now consults in both areas . He has held roles including the Chief Information Security & Privacy Officer for two multi-national retailers.
Aaron now leads the privacy consulting practice for Sentinel, and also leads development of business requirements for their Ethos privacy management platform.
Aaron is recognized as a thought leader in the field of privacy, and has been accepted as a Fellow of Information Privacy (FIP) by the IAPP.
Aaron has presented at national and international conferences on various privacy and data governance topics. He guest lectures on privacy and risk management at the University of Washington and Central Washington University.
He has also been quoted in publications including the Wall Street Journal and published in the book Using Security Metrics to Drive Action.