top of page
The Privacy by Design approach is no longer considered an additional strategy but a requirement laid down by certain regulations.
However, implementing it is not a straightforward process. What are the implementation challenges that companies face? What are approaches that have had success when implementing Privacy by Design? How can Privacy by Design be made sustainable?
Join our webinar, where we will be using our years of experience building and sustaining privacy programs inhouse to share our insights around the practical reality of implementing Privacy by Design in-depth, specifically the solutions that work and the solutions that don't
Topics to be covered
The Need for Privacy by Design
Collaboration with engineering teams
Effective communication on privacy company-wide
Privacy by Design best practices
Insights on approaches that work and approaches that don't
Building Sustainable Privacy by Design programs
This webinar is approved by the International Association of Privacy Professionals (IAPP) for Continuing Privacy Education (CPE) Credits.
Recent regulatory activity around privacy has a marked focus on cyber security aspects of privacy. The Texas Data Privacy and Security Act (TDPSA - effective July 1, 2024) requires data brokers to implement and maintain a comprehensive written information security program. The Florida privacy law requires companies to conduct and document data protection assessments of specified processing activities involving personal data. Extensive requirements are also specified for these assessments, and companies have an obligation to disclose the assessment if requested by the Florida Attorney General. Most recently, the California Privacy Protection Agency (CPPA) released discussion drafts of regulations they are considering around risk assessment and cybersecurity audit.
What does this trend mean for companies? For consumers? How will your programs need to be updated to comply with these laws?
To find out more, join our webinar, Increased Focus on Cybersecurity in Recent Privacy Laws, with privacy and security experts
The My Health My Data Act (MHMDA) was signed into law in April and will largely take effect from 31st March 2024. Complying with this Act requires a deep understanding of its definitions, scope, and impact. MHMDA will regulate the collection, use, sharing, and sale of health-related data. Companies subject to MHMDA will need to prepare as this law potentially requires more effort than other state privacy laws.
During our webinar on the My Health My Data Act, we plan to delve deep into the regulation, focusing on topics such as
Introduction to the Act - its scope and why it has been gaining a lot of attention
Specifics of the law and how companies can prepare for it
How the law differs from HIPAA
The impacts of the law on geo-fencing and Ad tech
The impact of the privacy right of action and what we can understand from other laws like BIPA that also have the privacy right of action
Artificial Intelligence (AI) has transformed our lives in many ways. AI offers a promise to provide numerous benefits to society. But with the increasing use of AI, risks around the use of AI also increase. As companies embed AI into all their products and services, there are a lot of questions around what data is used and how it is used to train AI models, particularly when the algorithm is used for critical decision-making.
In this webinar, we plan to discuss the intersection of AI and Privacy.
Privacy Issues arising from use of AI
Current privacy laws in the US and in EU
How the existing data privacy laws regulate AI
New EU AI Act and other upcoming AI Regulations
Lawmakers and regulators are increasingly focused on children’s privacy and online safety while increasing protections and obligations for teenagers. With the California Age-Appropriate Design Code Act going into effect in 2024 and other legislative changes, businesses will need to understand how to prioritize children’s and teen privacy, understand new developments in children and teen privacy, and implement measures that comply with the applicable regulations while still meeting their business requirements. This webinar intends to inform businesses on how to address this heavy lift.
Our webinar on Children and Teen privacy will cover the following topics :
Upcoming and existing privacy regulations focused on Children and Teen privacy
How businesses can prepare for the upcoming regulations and enforcements
Incorporating children's privacy measures into existing privacy programs
Building a privacy program that both protects the privacy of children and meets business requirements
Privacy engineering is a discipline that integrates privacy into the SDLC and operationalizes Privacy by Design (PbD) to deliver privacy outcomes. Privacy Engineering brings together tools (including Privacy-enhancing Technologies) to build systems that respect privacy. These systems embody fundamental data protection principles by minimizing personal data use, maximizing data security, and empowering individuals. Join us for a conversation with Priya Keshav, CEO of Meru Data and Aaron Weller, Leader of HP's Privacy Engineering Center of Excellence around the importance of Privacy Engineering as part of a modern privacy program.
We will cover topics including:
- How do we operationalize legal and business requirements around privacy?
- What is Privacy Engineering and PETs?
- How do you build a Privacy Engineering Center of Excellence?
- Why would you need a CoE?
The legal and regulatory privacy landscape is evolving rapidly. The Ad Tech privacy space, in particular, is facing significant compliance and regulatory challenges in light of the recent enactment of comprehensive privacy legislation that regulates Ad Tech and increased regulatory scrutiny and enforcement. As a result, the Ad Tech space is one on which to keep an eye
Our webinar will cover the following topics:
- How recently enacted privacy laws (including U.S. state comprehensive privacy laws) affect the Ad Tech industry
- Notable regulatory developments impacting the Ad Tech industry
- How players in the Ad Tech ecosystem should approach privacy compliance in the wake of recent developments
Employee privacy rights pose unique challenges for US businesses. The ever-changing privacy law landscape is complex and if you don’t have a plan the liability and business interruption can be substantial. This panel will address some of the new requirements stemming from global privacy laws around collecting and processing employee data that every US business needs to know.
**This course has been approved by the State Bar of Texas for full CLE credit. MCLE stands for Minimum Continuing Legal Education and every active member of the State Bar must complete a minimum of 15 hours of continuing legal education (CLE) during each MCLE compliance year. Our Sponsor ID # is A17268. For an attorney to report your attendance, click on the link, log in, certify that the requested credit is correct, and click submit. ** Link: https://www.texasbar.com/AM/Template.cfm?Section=Home&Template=/Security/Login.cfm
Privacy has been at the forefront of business priorities and rightfully so. The privacy forward approach involves numerous complexities, the most important being the need for fundamental change in our data practices.
These changes have to start at the top and persist through to the grass-roots level which calls for accurate and continuous education and communication within the organization.
As we begin the new the year on the right foot, let's focus first on building a practice of appropriate education and communication within the company as this has consistently been the marker of successful change within any organization.
With the Colorado Privacy Act (CPA) expected to go into effect on July 1, 2023, the state will join the ranks of California and Virginia in terms of privacy legislation. This gives businesses about eight months to get things in order before the law goes into effect.
However, the CPA differs from the other state regulations in certain aspects. The latest draft regulations proposed by the Colorado AG add some complexity around the legal obligations by businesses.
This webinar will focus on helping businesses prepare for the Colorado Privacy Act. If you’re someone who is already compliant with the existing privacy laws or just starting out, join us to learn how you can prepare to achieve timely compliance with the upcoming Colorado regulations.
B2B exemptions under the California Consumer Privacy Act (CCPA) excluded personal information collected in a business-to-business (B2B) context from the scope of the CCPA. However, these exemptions will cease to apply starting January 1, 2023, with the enforcement of the CPRA.
This means companies collecting personal information (PI) of business contacts for providing or receiving a product or service to and from another business will have to comply with the requirements under the CPRA. This goes on to include the PI of workforce members, independent contractors, service providers and other business contacts that was collected to aid in providing or receiving a product or service to and from another business.
Priya Keshav, founder and CEO of Meru Data, will be speaking at the ARMA International & Arizona Chapter Event on “California’s Consumer Privacy Rights Act (CPRA): What Arizona Data Processors Need to Know”.
The session will discuss the key takeaways from California Attorney General’s notices to organizations addressing purportedly incomplete or untimely responses to DSARs, incomplete recordkeeping, and deficient consumer notices, and from civil suits alleging causes of action under the CCPA.
Is your privacy program Proactive or Reactive? Is Privacy your default setting? Most importantly, is Privacy embedded into your business practices and IT design?
Today's data governance world calls for a 'Privacy by design' approach where Privacy is already a part of the IT architecture of the business, where it is the default setting, and every practice that occurs, does so from a privacy-forward standpoint.
Tune into our webinar where Privacy professionals discuss the Privacy by design approach and how it can be implemented for new businesses as well as already existing ones. We will also cover best practices and tips to maintain the approach over the long term
Are you prepared for 2023? With new privacy laws going into effect in Virginia, Colorado, California, Utah, and Connecticut, what should you be doing now to help ensure timely compliance with these new requirements?
Developing a comprehensive, multi-state privacy strategy will be challenging, especially given the fact that some of the requirements for compliance are still under development. The best path for an organization is to implement a strong data privacy foundation with processes and tools that are scalable to adaptable to new regulations.
Join us for this webinar as we focus on the new state privacy laws, provide companies with helpful tips to prepare for the new laws before they take effect. We will also discuss what to expect from the rulemaking process.
Data minimization should be an integral part of an organization's privacy program. Data minimization requires good planning, connecting the dots, and working collaboratively with all relevant stakeholders across the organization. Please join us where we discuss the following:
- Data minimization requirement under CPRA, VCDPA, CPA, and GDPR
- How do you minimize collection?
- Reconciling the requirement to delete for Privacy and Retention Compliance
- Practical examples and use cases on how to plan
- Discuss existing case laws and requirements
- Steps that can lead to a sustainable data minimization program
- Incorporating best practices and lessons learned
Priya Keshav, the Founder, and CEO of Meru Data will be speaking on “Rethinking RIM for Data Minimization,
Are You Ready?” at the MER | The MER Conference 2022 | May 10th – 12th.
Join the live session on May 2022.
Internal controls are safeguards designed to avoid, detect and minimize risks. Internal Controls are valuable tools.
Companies are adopting internal control frameworks to enhance, measure and mature their privacy programs. In this webinar, we will discuss
1. Frameworks like ISO or NIST
2. Factors involved in picking the right framework
3. Incorporating privacy-related controls into the control environment
4. Can control enhance your operational efficiency?
5. How to measure the effectiveness and maturity of the program using these frameworks as a guide
With the exponential growth incorporating data, there is an increasing need to ensure all sensitive, personal, and business information is properly identified and secured. But it has become difficult for organizations to keep up with this growth in enterprise data and utilize its full potential. Only AI and machine learning technologies offer the ability to detect, map, and categorize sensitive data at an organizational level. However, mapping sensitive information at an enterprise scale requires a solution that is scalable and accurate.
Reasons to attend
- Get acquainted with the types of data classification
- Know how to properly scope and plan for such an effort
- Learn about the capabilities and limitations of such an AI/ML model and how to incorporate appropriate manual controls for successful execution
Join us for a webinar on Effective change management in IG and Privacy programs. Change management is critical for reducing user adoption risks and improving alignment. Done correctly, it leads to greater ownership and accountability across the organization around Privacy. It correlates directly with program success. But despite everyone's understanding, this is critical for success, why is change management so difficult?
Our panel will discuss the three main pillars of change management:
- Leadership and Influence: How can you enable leaders in your organization to persuade others to join in the execution of IG programs. How can your existing organization structure be leveraged to influence change?
- Negotiation and Persuasion: Be more transparent and engaging during the implementation process. This has a direct impact on user adoption, ROI and ultimately will lead the organization to its IG and Privacy goals. Communicating the “future state” will help people understand areas that will need to change the most.
- Tools and techniques needed: Do you have the right tools to introduce change? How will you be able to motivate others and deal with resistance to change? What are some of the emotional elements of change that you need to consider so that your IG and Privacy future state is realized and sustained?
We will cover topics like where privacy professionals go to keep themselves informed, areas of specialization that are developing in this space what skills are most sought after, where, and why.
- Keeping up with Privacy standards
How can we keep up with new and conflicting privacy compliance standards across the globe? What are some of the sources to stay current How effective are training and certification?
- How will the Privacy space evolve
What specializations do we see evolving within the Privacy space? What should Professionals in this area be thinking about to stay current Potentials areas of expertise that are developing: Privacy Law (Country specific), Privacy Engineering, Privacy Tech
- Where should Privacy sit within organizations?
What is the ideal model for Privacy – centralized function or distributed/embedded Where is Privacy currently in organizations – Legal, Compliance, Marketing? Which parts of the organizations are hiring today in Privacy?
Did you know 80% of people are more likely to buy from companies that they believe protect their personal information? Retail companies need to truly understand their consumers in order to both retain and successfully serve them. Can this be done effectively while also ensuring consumer privacy is safeguarded? Deriving value from consumer data and providing privacy protection are not either/or options for companies today. Both are a must for companies to succeed in Retail. Join us for a discussion on how you can proactively build programs to maximize both the value of your consumer data and ensure the privacy protection that consumers expect.
Key themes of the discussion:
- Customer centricity in Retail
- Maximizing data utility without compromising privacy
- Integrating “Privacy by Design” into day-to-day operations and why it’s important
- Can Privacy-enhancing technologies (PETs) help?
Rather than continuing to rush forward with implementing a digital transformation strategy, including privacy and security-related issues, organizations actually need to take two steps back to identify critical information management-related gaps before continuing to move forward. The first step is to automate information-related processes in conjunction with information management best practices to establish systematic controls and reporting mechanisms. The second step is to convince stakeholders that the program is effective by demonstrating positive ROI. This workshop discusses how to establish effective information assurance (IA) KPIs to successfully manage and sustain your privacy program from an IA perspective.
Priya Keshav, Founder and CEO of Meru Data, will present "Breaking Down Information Silos with IG Metrics & Transparency".
Learn from these and other educational sessions, only at InfoGov World conference days, September 16 and 17 (IG, RIM, and eDiscovery training happening on September 14 and 15). Don't miss out - register today!
Priya Keshav, Founder and CEO of Meru Data, will be speaking on “Implementing Data Minimization Programs at Global Enterprises” at the MER | The MER Conference 2021 | May 24 -27.
She will discuss key foundational elements required for a robust data minimization program and how they should be structured to engage stakeholders across the enterprise. Join the live session on May 25, 9:00 AM – 10:00 AM CDT.
Information has become a valuable asset of the digital realm, and safeguarding it should be the priority of every organization. With the growing opportunities for IoT and AI, it is pivotal to be abreast with the risks associated with the same. The Arizona Chapter is back with their ARMA AZ Spring 2021 Seminar!
This month will feature a talk on “IoT and AI, and why we should be interested in it” by guest speaker Priya Keshav, the CEO of Meru Data. Join the live seminar on March 18, 2021, at 8:00 AM MDT via Zoom.
What factors, qualities, and skills drive success, and how can those components help women pursuing careers and leadership roles in the information governance sector? panelists include Ann K. Snyder (Manager of Content Development at ARMA International), Priya Keshav (Founder and CEO of Meru Data), Stacey Egerton Davis (Senior Vice President of FinPay, LLC), and Lynn Molfetta (co-partner and consultant at MC Bernstein Data).
The session focuses on the intersection of IoT and AI and how it affects your security, privacy, and ethical risks. The presentation will share examples of how companies are viewing and managing these risks right now. The challenges companies face while trying to address these risks will also be discussed. Both IoT and AI are here to stay.
John Montana, Brian Tuemmler, Priya Keshav, and John Icaza will join a panel to provide practical advice for organizations on how to comply with various privacy regulations followed by a 45-minute roundtable discussion. Participating in this session will help you be knowledgeable and up to date about privacy compliance which will be a key skill going forward.
Technology is changing our lives in countless ways, from smart thermostats and smart watches to smart cities and energy grids. A wide variety of use cases are being enabled through smart devices called IoT or the Internet of Things. As companies unlock the potential of IoT, the number of IoT devices is expected to exponentially grow to 20 billion by 2020. Managing data from IoT is a looming challenge for legal professionals. We will discuss these challenges both how they affect the practice of law and the operational challenges surrounding data governance.
Invited speaker to discuss "IG Leadership in a Time of Transformation: Robots, Blockchains, and IoT Devices, Oh My!" The advent of AI and other innovative and disruptive technologies is an opportunity for CIGOs to step up in taking the lead in spearheading efforts to integrate such technologies into the workplace. The panel will share insights on how companies have used AI techniques and blockchains, including in changing the way recordkeeping functions, and will also discuss how the IoT environment poses new and unique challenges in the IG space.
The CIGO Summit is a by-invitation-only, executive event for senior leaders in cybersecurity, information management, law, privacy, data analytics, records management, compliance, and other IG-related disciplines.
IoT and Info Gov: What You Need To Know The Internet of things, or IoT, is transforming how we interface with the world. As organizations unlock the potential of IoT, the number of IoT devices is expected to exponentially grow. Managing data from IoT is a looming challenge for information governance professionals. Join this session for practical guidance on how to structure an IG program for IoT data.
bottom of page