For the past several years I have been working for a Fortune 150 business, leading the enterprise-wide privacy program. I have been fortunate to have a great team working for me and we were able to build a successful program including achieving PCI DSS compliance and Safe Harbor certification for our business units around the world.
Frequently in the discussions I have had with leaders in other businesses to discuss privacy, a common these emerges: How does a mid-size or small business meet the privacy challenges that are imposed by governments, regulatory or industry groups, and by trying to do the right thing? The concept for Privacy Ref was born from these discussions.
The vision for Privacy Ref is to provide a Privacy Office for mid-size and small businesses. Each case will be different, but this may mean assessing an existing program, reviewing or creating privacy policies and processes, assisting with awareness training, or putting together a privacy program from scratch. We already are working on a privacy assessment for one organization, but more on that later.
In the future, this blog will provide commentary on relevant privacy issues, tips for a program, or just general observations. Your comments are welcome and I am looking forward to your participation.