Technically Legal - A Legal Technology and Innovation Podcast Where to Begin With Data Governance Frameworks and How Software Can Help (Brandon Wiebe, GC & Head of Privacy, Transcend)
Brandon Wiebe, General Counsel and Head of Privacy at Transcend, offers tips about implementing data governance frameworks and how to utilize software in the process. Brandon’s company is a privacy platform that helps legal and compliance teams automate data compliance tasks.
Brandon explains that most data privacy laws, like the General Data Protection Regulation (GDPR) in the EU and U.S. state laws like the California Consumer Privacy Act (CCPA), generally require similar things of companies:
- notice at the time of customer data collection
- implementation of data security obligations
- that companies have a lawful basis for collecting information and that use of the information is consistent with the companies stated purpose for collecting it
- individuals have the right to opt out of data sale or sharing.
Despite the many data privacy laws already enacted and new ones on the horizon, Brandon is quick to emphasize that data privacy teams should not let perfect be the enemy of good. They must get started somewhere in their data privacy policy journey.
He says the best place to start is an organizational data map detailing all the places in a company’s tech stack holding data subject to privacy regulations. Once a company has its data mapped, it can more easily comply with customer requests for information as permitted under data privacy laws and can also ensure it is not keeping more data than needed.
Brandon also touches on why AI can complicate data privacy efforts, but also notes that artificial intelligence can also assist with data privacy efforts.