We explore three crucial questions that various departments within a business should ask in order to ensure the safety and security of their organisation.
C-suite leaders
In today's digital age, where data is the new currency, privacy has become a critical concern for individuals and organisations alike. C-suite leaders have a responsibility to prioritise and champion privacy initiatives within their organisations.
What three questions should C-suite leaders be considering?
When did you last rehearse your privacy breach response plan?
Have you invested sufficient resources in privacy, in line with your risk and data strategy?
Do you have a plan for responsible governance of generative AI?
Technology teams
As guardians of data and technology infrastructure, it is imperative for technology teams to focus on, and advocate for privacy initiatives.
What three questions should technology teams be considering?
How frequently do you test the security controls over your organisation’s most sensitive and/or valuable data?
How do you incorporate privacy risk assessments into IT check-points and approval gates?
Do you apply retention and disposal schedules in practice, or is data retained indefinitely?
HR teams
In the era of digital transformation, where personal data is at the heart of HR processes, privacy has become a paramount concern for HR teams. As custodians of employee data, it is crucial for HR teams to prioritise and champion privacy initiatives.
What three questions should HR teams be considering?
Are you monitoring employees and, if so, have you built in privacy protections?
If you receive an increase in Privacy Act requests, are you equipped to cope?
Are you set up to use sensitive personal information for diversity & inclusion initiatives?
Legal teams
As custodians of legal compliance and risk management, it is imperative for legal teams to place privacy initiatives at the forefront of their priorities.
What three questions should Legal teams be considering?
What privacy and data regulatory developments will have the biggest impact on your organisation this year?
Do your privacy contract clauses need updating?
In case of a cyber attack, have you established relationships and protocols for communicating with attackers, law enforcement, insurers, regulators?
Procurement teams
In today's interconnected business landscape, privacy has become a critical consideration for procurement teams. As stewards of supplier relationships and data management, it is essential for procurement teams to prioritise and emphasise privacy initiatives.
What three questions should Procurement teams be considering?
How are you ensuring that new vendors or acquisitions meet your organisation’s privacy standards?
How could you monitor high risk vendors during the life-cycle of a contract?
At the end of a contract, how do you ensure that vendors either delete or return your data?
Startups
In the fast-paced world of startups, privacy has become a critical consideration for success. As emerging businesses that handle valuable data, it is essential for startups to prioritise and embrace privacy initiatives.
What three questions should Startups be considering?
Are you across the data privacy laws in markets you’re looking to expand into?
If your business is acquired, do you have the right permissions to transfer customer data to a new owner?
If your business sells services or products to enterprise customers, have you planned for their due diligence questions about your privacy capability?
Privacy officers
As guardians of data protection and privacy within organisations, privacy officers play a crucial role in ensuring the responsible handling of personal information.
What three questions should Privacy officers be considering?
Are you providing your organisation’s C-suite and board with meaningful reporting on privacy metrics?
Looking across your privacy risk management activities, where do you get the best return on investment for your organisation?
If you asked a colleague why privacy is important to your organisation, would they be able to tell you?
How we can help
Our team of privacy law experts provides comprehensive guidance on a wide range of privacy matters. We offer strategic and practical solutions tailored to our clients' needs, enabling them to effectively mitigate risks, establish trust in privacy practices, and capitalise on data-driven opportunities.
Collaborating closely with our cyber security team, we also offer advisory services in cyber security, risk assurance, and forensics. By combining our expertise, we aim to enhance client experiences and deliver holistic solutions that address all aspects of privacy and data protection.
Contact us
