5 Ways Privacy Pros Can Foster Collaboration Across the Business
We've all heard the saying, "Teamwork makes the dream work," but for...
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Published: October 29, 2024
In September, the Osano privacy team was lucky enough to attend a couple of industry events with privacy executives and privacy pros on the West Coast, including the IAPP's “Privacy. Security. Risk.” conference in Los Angeles.
From demos with prospects, meetings with customers, coffees with partners, connecting with new and older friends, and dancing with a purple cowboy hat at the after party, the Osano team was able to enjoy time with each other as well as our friends in the broader privacy community.
As always, there were some valuable learnings, great connections and an opportunity to discuss some of the challenges that privacy pros are facing today. We also were really lucky and got to debrief our resident tech genius, co-founder and CTO Scott Hertel on some of these sessions. It was awesome to nerd out over coffee on some of the themes we heard, and how we can continue to evolve our platform with innovation privacy solutions.
Being in-person and having the chance to chat over coffee is always a treat, and I deeply appreciate the time from those we met with and who shared thoughtful perspectives on evolving privacy risks. Just like other pros, we really benefit from being able to chat through privacy challenges and how we can all work together to do the right thing
Here were my takeaways:
Privacy pros have a lot on their plate. While the job descriptions and scopes vary by business, it's clear that privacy pros are covering an ever-expanding list of responsibilities: privacy, cyber compliance, online safety, digital risk, AI, corporate governance, ESG, training and enablement, government affairs and policy, and more. And with those changing responsibilities, the structure of teams is changing too.
We're increasingly hearing of data governance responsibilities and amended titles, with increasing partnership across privacy-adjacent functions such as GRC and security. This is reflected in the expanded mission of the IAPP to cover privacy, AI governance, and digital responsibility globally as well as the launch of a IAPP’s Cybersecurity Law Center.
With increasing responsibilities and limited or no additional budget or headcount, privacy pros are facing a number of challenges, including scope creep and the risk of burnout and overwhelm. Privacy leaders need to take steps to ensure that they are planning how they can support their teams before burnout sets in. This might mean considering training and development opportunities, prioritization, and tooling that supports automation.
Enforcement and private litigation are on the rise, with regulators emphasizing that more is on the way. However, enforcement patterns and litigation trends vary by geography.
All regulators are warning that enforcement is coming. States like Texas, Colorado, and New Hampshire have established specialist divisions to handle privacy complaints sharing litigation resources. Each says that they are well staffed and ready to enforce. Organizations therefore need to take heed of this, evaluating the privacy commitments they make, ensuring that they can honor privacy rights being exercised, and understanding their data flows.
Privacy pros need to ensure that they are thoughtful in how they build their program in a way that anticipates defense. Documentation of analysis, decision-making processes, and rationales are critical. Regulators have abandoned investigations when shown the "why" behind decisions. Regulators want to see a program—this means getting away from just writing policies or checklists to show how they are operationalized. Having auditable records can help provide explanations and justifications of decisions.
In the past quarter, there has been a slowdown of new privacy laws globally. In part, this is because many legislatures aren’t in session in the summer months but also because it's an election year. That said, we anticipate the progression of bills to continue in Q1, particularly as governments take a "whole of society" approach to data regulations versus industry or sectoral. And this will continue to roll out to cover privacy and AI.
Overall, it’s clear that the role of the privacy pro is changing, and their list of responsibilities aren’t shrinking anytime soon. If anything, the only constant in a privacy pro’s life is that change is inevitable—that, and the fact that Osano is there to support you when contending with these new laws, responsibilities, and trends.
Looking for that one template, tracker, or piece of regulatory guidance to help carry out your work faster? Check out our free repo of 50+ data privacy resources.
Download Now
Rachael Ormiston is the Head of Privacy at Osano. With over 15 years of professional experience, she has deep domain expertise in Global Privacy, Cybersecurity, and Crisis and Incident Response. Rachael is an IAPP FIP and has previously served on the IAPP CIPM Exam Development board. She has a personal interest in privacy risk issues associated with emerging technologies.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.