Tips for Managing and Mitigating Data Privacy Risk
In an article for Risk & Compliance magazine, Sheppard Mullin's Privacy and Cybersecurity leader Liisa Thomas explains how companies face many technological challenges like data breaches, lost critical data, falling victim to ransomware attacks and much more. On top of handling these challenges, companies should always be ready to adapt to the ever-changing privacy laws.
Despite many companies’ best efforts to prepare for any trials that come their way, Liisa Thomas points out that the risks are likely to be unexpected. Yet companies are expected to create effective programs in the event of these unanticipated hurdles, and corporate leaders are expected to navigate their way through these technological challenges when many of them lack a computer science background. This begs the question; how can leaders prepare for these risks? Thomas recommends three techniques. These techniques include using change management tools, understanding legal obligations and remediating concerns, and striking a balance between policies and procedures.
Thomas goes into greater depth on how to specifically apply these techniques to effectively modify corporate behavior and address the real and growing world of privacy and security risk. “Obvious compliance mitigation approaches include learning the laws and training people on relevant obligations. But obvious is not always easy,” Thomas commented. "Preparing for these risks requires a non-traditional approach."