Use Case: Data Privacy Management

Alyne provides software for building and maintaining a compliant privacy organisation and enables you to easily assess and benchmark maturity against international data privacy baseline.

Introduction

The introduction of the General Data Protection Regulation (GDPR) in the EU and the Californian Consumer Privacy Act (CCPA) in California has raised awareness for the rights of consumers over their own data. This forces many organisations to change their way of thinking about personally identifiable information (PII). Many organisations address these complex international data privacy requirements using Alyne’s Software as a Service. We have identified some common challenges as well as some success factors along the way. 

Common Challenges

  • Not One Tick Box
    Some marketing and some organisations will have you believe compliance with a privacy law is all about one simple measure (that happens to be provided by their solution) such as the Cookie Banner on the web page. This drastically oversimplifies things and leaves organisations exposed.
     
  • Single Exercise
    Implementing a privacy framework is not a one-off exercise. Some may believe they can bring in a team of experts to “make them compliant” and then proceed as usual. That is not the case. Really implementing a privacy framework will likely change how you operate.

  • Get Scared by Fines
    Sadly, selling by fear is the ambulance chasing of the security and privacy industry. If you are only addressing GDPR or CCPA because of the potential fines, you are misguided and likely ignoring the huge reputational risk you are exposed to.


Success Factors

  • Consider Added Value
    If you consider good privacy practices added value for your customers and employees, you will be able to address your compliance with a business case rather than a cost of non-compliance. 

  • Integrate With Other Assurance
    Addressing privacy isolated from other assurance functions is highly inefficient. Consider synergies with information security, BCM, operational risk, audit, compliance and other functions.

  • Privacy by Design
    Trying to bend your organisation to be privacy aware and data austere after the fact is expensive and difficult. Make privacy part of your architecture and operations decisions.


For more information on CCPA and how it compares to GDPR, download our latest white paper
here.

PreviousNext
Karl Viertel

Related Posts

A 360 Degree Risk View of Your Vendors with Alyne and SecurityScorecard

Recently, Alyne’s third party risk management capabilities became a whole lot more powerful with the introduction of the SecurityScorecard integration which offers users a comprehensive 360 degree risk view of their third party dependancies. Read more about how you can power-up your vendor governance process with the help of Alyne and SecurityScorecard.
Read more

Integrating Cyber Security, IT and Vendor Strategy for Improved Enterprise Risk Management

This year, United State's President Joe Biden signed a cyber security executive order to increase scrutiny and raise the bars for software security standards. In this article, Christina Casino from Alyne’s Customer Success Team unpacks and explains Alyne’s approach that can help your organisation streamline and integrate IT, cyber security and vendor strategy all within a single SaaS platform.
Read more

Data Security, Data Sovereignty and Data Residency Within a SaaS Cloud Environment

The convergence of big data and hyper cloud infrastructure has created a myriad of issues around the access, use and storage of data. The wave of nationalism and ‘inward focus’ as a reaction to a sustained period of outward-looking globalism is a major reason for this. Data custodians have very strong views and often regulatory requirements around how data should be treated. In this article, Stephen Nyabadza from Alyne’s Sales Team unpacks and explains Alyne’s approach to data within a Software-as-a-service (SaaS) cloud environment satisfies all concerns in this area.
Read more