Updated: April 2, 2024
Published: April 1, 2024
Once you understand the need for a privacy program, your next challenge is knowing where to start.
In The Privacy Insider, Osano CEO Arlo Gilbert lays out the relevant information for you to operationalize your data privacy program in simple, clear language. Data privacy regulations are complicated enough; translating their requirements into tangible processes and practices shouldn’t be any harder than it has to be.
Here’s an excerpt from Chapter 6 of The Privacy Insider, where Arlo provides an overview of the four pillars of a robust data privacy program.
A big part of our work creating privacy tools at Osano involves consulting with privacy experts, staying on top of current and upcoming regulations, and developing tools for companies worldwide to help them create their privacy programs. Although the companies we work with span a huge range of business types, models, industries, and geographic locations, we’ve found that the strongest data-privacy programs share similar elements. We’ve developed a framework that captures those elements and adapts to organizations’ needs so they can create an agile program that will grow with them. It also takes the guesswork out of what to do, which is one of the biggest hurdles to building a data-privacy program.
The framework is made up of four simple pillars. We’ll unpack each one in the chapters ahead so you can use them as a guide to create a new program or further develop one you may already have. Those pillars are:
Governance & Accountability (Chapter 7): A privacy program needs a team of advocates behind it and structured governance to guide the policies, procedures, and processes that the team will adopt. Creating them is the first step to building a program, and those charters keep evolving just as the company and regulations do.
Compliance, Audit & Review (Chapter 8): Organizations with strong privacy programs constantly review their activities and operations to make sure they’re handling data as effectively as possible. This includes analyzing how they collect and store data, how they share data across departments and outside the organization, what their recordkeeping practices are, and whether they process data that is subject to specific permission or handling protocols. It’s an ongoing effort, and companies should regularly look for opportunities to hone their practices along the way.
Notice, Consent & Choice (Chapter 9): Great privacy programs prioritize clear, direct communication with data subjects. They have systems in place that make it simple for data subjects to exercise their privacy rights; user-friendly consent banners; easy-to-find and easy-to-understand privacy policies; and a well-managed website that can house and support each of those features.
Risk, Response & Resilience (Chapter 10): There is always some level of risk involved when handling personal data, and those risks increase when a company shares personal data with third parties such as vendors. A strong program will have systems in place for assessing the risk associated with any of their operations. This includes vendor risk management, the risk of a data breach, and the risk of noncompliance within their internal data processes. Organizations should also have formal procedures in place for responding to SRRs and other potential data-related incidents.
In the rest of The Privacy Insider, Arlo dives into each of these four pillars in depth. By following this model, you can develop a fairly comprehensive data privacy program at your organization without exhaustive research and uncertainty.
Preorder your copy of The Privacy Insider now to ensure you get access as soon as the book is published on April 3rd.
Want to start reading The Privacy Insider ASAP? Join the waitlist to get your copy as soon as it's printed.
Osano Staff is a pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.