• Platform
    • The Osano Platform Overview

      Get an overview of the simple, all-in-one data privacy platform

    • header__icon-1
      Cookie Consent

      Manage consent for data privacy laws in 50+ countries

    • user-square
      Subject Rights Management

      Streamline and automate the DSAR workflow

    • assessments primary 200
      Assessments

      Efficiently manage assessment workflows using custom or pre-built templates

    • Unified Consent primary 200
      Unified Consent & Preference Hub

      Streamline consent, utilize non-cookie data, and enhance customer trust

    • data mapping primary 200
      Data Mapping

      Automate and visualize data store discovery and classification

    • shield-tick
      Vendor Privacy Risk Management

      Ensure your customers’ data is in good hands

    • Features & Integrations

      Key Features & Integrations

    • Privacy Templates
    • GDPR Representative
    • Consult Privacy Team
    • Regulatory Guidance
    • Integrations
  • Solutions
    • By Regulation
    • CPRA

      Discover how Osano supports CPRA compliance

    • CCPA

      Learn about the CCPA and how Osano can help

    • GDPR

      Achieve compliance with one of the world’s most comprehensive data privacy laws

    • By Organization Type
    • Icon (10)
      Start-Up

      Don’t let data privacy compliance get in the way of growth

    • Icon (11)
      Mid-Sized

      Preserve your competitive edge

    • Icon (12)
      Enterprise

      Manage data privacy at scale

    • By Use Case
    • Path
      Consent Management

      Manage consent without the complexity

    • Icon (14)
      DSAR Automation

      Never miss a DSAR deadline again

    • Icon (16)
      Privacy Program Management

      Build and grow an end-to-end privacy program

    • Icon (15)
      Vendor Risk Management

      Regain insight and control over your customers’ data

  • Resources
    • Resources

      Key resources on all things data privacy

    • book-open-01
      Articles

      Expert insights on all things privacy

    • Icon (25)
      Resource Center

      Key resources to further your data privacy education

    • hand a heart icon primary 200
      Customer Stories

      Meet some of the 5,000+ leaders using Osano to transform their privacy programs

    • globe icon primary 200
      U.S. Data Privacy Laws

      A guide to data privacy in the U.S.

    • code icon primary 200
      Product Updates

      What's the latest from Osano?

    • Become a Privacy Insider

      Data privacy is complex but you're not alone

    • envelope icon primary 200
      The Newsletter

      Join our weekly newsletter with over 35,000 subscribers

    • Icon (17)
      The Podcast

      Global experts share insights and compelling personal stories about the critical importance of data privacy

    • book-open-01
      The Book

      Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program

    • Icon (30)
      Events

      Upcoming webinars and in-person events designed for privacy professionals

    Latest Blog post

    Map of the US with pins in several states.

    Privacy Laws 2025: Prepare for the 8 Laws Going into Effect

    Businesses in the US will be subject to a lot more scrutiny from...

    Read Now
  • Company
    • Vector
      About Us

      The Osano story

    • Icon (25)
      Careers

      Become an Osanian and help us build the future of privacy!

    • Icon (26)
      Contact

      We’re eager to hear from you

    • 
      Our Pledge

      No fines, no penalties

    • Icon (27)
      Data Licensing

      Add Osano data privacy ratings and recommendations to your application

    • Icon (28)
      Osano Swag Store

      Increase Trust. Stay Compliant. Get Cool Swag.

    • Icon (29)
      Press & Media

      Inquiries and Osano in the news

    • Icon (30)
      Partners & Resellers

      Interested in partnering with us?

  • Pricing
  • Sign In Book a Demo
Additional Resources After Reading

The Privacy Insider, Continued

Find templates, examples, and companion resources to Arlo Gilbert’s book, “The Privacy Insider,” so you can set your privacy program up for success.

Privacy Insider - Switchback 2
Privacy Work Is Never Done

"The Privacy Insider" Digital Appendix

Now that you’ve read “The Privacy Insider: How to Embrace Data Privacy and Join the Next Wave of Trusted Brands” by Arlo Gilbert, you might be looking for a few extra resources for your privacy program journey.

As a result, we’ve built this digital appendix, complete with several of Osano’s free guides on everything from privacy programs and data privacy laws to assessments and data mapping.

 

Privacy Insider Book Cover w Shadow (1)
The Osano Privacy Program Maturity Model

Measuring Your Privacy Program's Success

As you develop your privacy program, it can be hard to know if you’re headed in the right direction.

With the Osano Privacy Program Maturity Model, you’ll not only gain information on each element of a privacy program, but you’ll also be able to score your program, identify which elements represent the biggest gap in your program, and use the recommended next steps to determine where to go next. Use the model to then track your program’s growth over time so you know your next steps as your organization evolves.

Switchback - Privacy Maturity Model
Before You Create Your Program

Getting Started With Privacy

Learn the Language

There are a myriad of words and phrases within the realm of data privacy, and it can be hard to wade through it all.

In this glossary, we’ve provided some of the most commonly used acronyms, categories of people and organizations, compliance concepts, legal terms, and more so you don’t have to open the dictionary every time a new data privacy law is released.

Learn the Language - switchback

Creating Clarity With Privacy Policies

Privacy policies tell consumers about what types of data you collect, how you collect it, the purpose of and legal basis for that collection, as well as what their rights are, how long you’ll keep their data, who you share it with, and your security measures for keeping it safe. 

Our comprehensive checklist tells you everything you need to know to create your own, and it provides you with a few examples to review.  

Privacy Policies - switchback

Privacy Regulations

There are several privacy regulations from around the globe. Here are a few guides to help you comply with some of them.

GDPR Compliance

The European Union became one of the main leaders in data privacy when the General Data Protection Regulation (GDPR) came into effect in May of 2018. With it came several principles privacy professionals are familiar with today, such as subject rights, privacy by design, data minimization, records of processing activities, and more.

gdpr-rep-image-header-EU-flag

U.S. Data Privacy

Since California introduced the California Consumer Privacy Act (CCPA) in 2020 (more on that below), several privacy laws have popped up in individual states across the country. We’ve developed several guides to help you prepare, starting with the U.S. Data Privacy Law Guide.

US Map - Switchback

California: The First U.S. Comprehensive Data Privacy Law

California established the first comprehensive data privacy law in the United States when it passed the CCPA in 2018. The state then upped the stakes with its addition to the law—the California Privacy Rights Act (CPRA), which was passed in 2020 and came into effect on January 1, 2023. It is currently one of the strongest data privacy laws in the United States. Learn more about how to comply with the law with our Survival Guide.

California Flag - switchback
Resources

Here are a few more resources to help you understand privacy regulations.

Data Privacy Laws: What You Need to Know in 2024

States and countries are rapidly enacting data privacy laws. Learn about new laws and how they might impact your business operations in 2024 and beyond.

Learn more

The Definitive Guide to Brazil's Privacy Law, the LGPD

The U.S. and the EU aren't the only data privacy laws in the entire world. Another comprehensive data privacy law that you'll need to understand is the General Law for the Protection of Personal Data (LGPD).

Learn more

The Anatomy of a Data Privacy Law: Demystifying Privacy

Learn the basic principles underlying most data privacy laws and the specific components you’ll come across in different laws.

Learn more
Keeping Track With Assessments, Records, and Maps

Record-Keeping for Data Privacy

Data Mapping

To truly grasp what you’re collecting, how much of it you have, and where it is across your organization, you need a data map. This way, when you do get started on more downstream privacy-related tasks—like the assessments listed below—you’ll already have a handle on one of the most difficult aspects of the task at hand. Get started with our free checklist:

The Data Map - switchback

Records of Processing Activities

The GDPR introduced a new term, “Record of Processing Activity”—also known as a RoPA—in its Article 30. With this article, RoPAs became a requirement for each controller to maintain.

What exactly is a RoPA? It’s a document that outlines all of your business’s data processing activities, from HR and marketing to third-party activities and cross-border data transfers. Learn about everything that goes into one in our guide below.
 

RoPA - switchback

Privacy Assessments

Businesses are no stranger to assessments. There are assessments in almost every aspect of business, and the same can be said for data privacy. Privacy risk assessments, such as data protection impact assessments (DPIAs) and privacy impact assessments (PIAs), are often a staple in data privacy laws. Meanwhile, vendor privacy assessments can help you determine if there are privacy risks associated with a new third-party vendor.

Privacy Assessments - switchback
Resources

Here are a few more resources to help you understand data mapping and assessments.

What Is a DPIA (Data Protection Impact Assessment)?

One requirement of the GDPR and other privacy laws is the completion of DPIAs, or data protection impact assessments. What are DPIAs? Learn more here.

Learn more

Privacy Impact Assessment Guide: 7 Best Practices to Master PIAs

With PIAs, you can systematically identify and mitigate privacy risks. Learn the top 7 PIA best practices to stay compliant and foster a culture of privacy.

Learn more

Data Mapping for Data Privacy Essentials

Data mapping can help your organization understand what types of data you’re collecting, how much of it you currently have, where it lives, and who has access to it. Use this guide to access all of our resources on data mapping for data privacy.

Learn more
Expert insights

Key Resources on All Things Privacy

Discover actionable tips straight from our team of legal and privacy experts through our blogs, webinars, eBooks, guides, and more.

The ROI of Privacy Management - listing

The ROI of Privacy Management

Learn why organizations that invest in data privacy gain a return of up to $2.70 for every dollar spent.

Download Now
Customer story - Lattice

Building Compliance into Marketing Operations Puts Privacy First

Lattice uses Osano to eliminate operational complexity, align marketing and compliance teams, and fulfill its promise of being a privacy-first organization.

Read Now
US Data Privacy Checklist hero

2024 U.S. Data Privacy Checklist

Download our checklist to learn what your first steps should be, regardless of which law applies to your organization.

Download Now

Simplify Data Privacy Compliance

With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.

Next Steps

Need Help Getting There?

Book a Demo With Our Team

1. Evaluate vendors.

Evaluate vendors. When your business wants to add a new cookie, you need to evaluate the vendor the cookie is associated with. Is this a reputable vendor you want to have on your website? A product like Vendor Privacy Risk Management can help give you insights into potential vendors. During this time, you can also create a Privacy Impact Assessment (PIA).

2. Confirm functionality.

Once you’re ready for the new cookie, or while you’re evaluating your existing cookies during ongoing maintenance, you need to confirm the cookie type, business purpose, retention policy (how long will this cookie retain data?), and what data is or will be processed. During this time, you can add the cookie or script to a staging environment.

3. Add the cookie to your website or CMP.

After confirming functionality, add the cookie or script to your production environment and add any classification work to your consent management platform.

4. Update disclosures and policies.

Once your users are being tracked by the new cookie or script, it’s important to update your cookie notices and disclosures and your privacy policies.

5. Implement ongoing maintenance.

Monitor and address any data concerns stemming from the data collected with annual vendor relationship evaluations and real-time monitoring of security concerns. 


These five repeatable steps will help you keep track of the cookies that are currently on your site, ensuring your organization is compliant while building trust with your customers and prospects over time.   

But cookie governance is just one part of the privacy program journey. To build a program dedicated to operational excellence without losing track of your progress with cookie governance, download the Osano Privacy Program Maturity Model. 

Keep Up With Privacy

Don’t Lose Track of the Latest Privacy News

Subscribe to “The Privacy Insider” newsletter to keep track of the latest data privacy news, learn tips for maintaining your privacy program, and gain insights into top stories each week.