Compliance used to be simpler. An organization was given a set of requirements and it had to check the boxes that it met the requirements and compliance was achieved. The complex nature of business today and the focus on information in the digital economy has driven compliance requirements to a new level of intricacy and depth.
Today data weaves in and out of business processes, throughout the organization and across third party relationships. Organizations need to understand how all information, especially personally identifiable information (PII), enters, moves throughout, and is used in the organization, and how it is shared and used in third party relationships (e.g., outsourcers, services providers, vendors, suppliers, consultants, brokers, dealers, agents).
Privacy is a significant compliance challenge with specific requirements, associated content and processes that organizations should consider . . .
The rest of the article can be read via the link in the button below. Michael Rasmussen of GRC 20/20 posted this as a guest blog on www.infogoto.com.READ MORE