How to drive effective privacy operations with functional requirements

In the run-up to May 25, 2018, many businesses that thought they were well-prepared to meet their new General Data Protection Regulation obligations discovered that operationalizing many components of a GDPR-compliant privacy program requires more than simply drafting a new or updated set of policies and procedures.

With GDPR now in full effect, these businesses are quickly realizing that truly effective GDPR compliance is a highly complex undertaking requiring active, cross-functional collaboration between privacy and information technology. In instances where businesses struggle to operationalize key compliance components (e.g., response to data subject rights requests, revocation of consent), they should consider developing “functional requirements” that provide specific, detailed guidance to the privacy and IT teams to fully meet their GDPR obligations.

Source: How to drive effective privacy operations with functional requirements

>