Sustainable Compliance

"My life has been filled with epiphany moments, you know,  moments where the scales have fallen from my eyes and I thought, ah, get it," says Emma Martins in this interview.For a number of years Emma Martins was the Data Protection Commissioner at the Office of the Data Protection Authority of the Channel Islands. She now advises on data protection matters.In this interview, Emma Martins talks about her epiphany moments that led her to a career in data protection. We talk about why data protection is important, what excites her about it and what she is worried about ... and much much more.Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.comWired Relations is a GRC solution - tailored for privacy and information security.We help organisations turn fragile privacy and information security into sustainable GRC programmes.We focus on four things:Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

At TDC NET they have a strong privacy and security culture. No system or vendor enters the network without being thoroughly vetted by both data protection and information security. This happens due to a governance model that is anchored in the organisation and has buy-in at top management.TDC NET provides a great part of the digital infrastructure in Denmark, through fixed-line and mobile networks.In this podcast, Jacob Høedt Larsen, talks to Head of Privacy Compliance, Mona Persson about how they make it work.They discuss:1. How the governance model is set-up2. How a new system or a new vendor goes through the governance process3. What it takes to make it all workYou'll gain practical insights into how to set-up your own process.Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.comWired Relations is a GRC solution - tailored for privacy and information security.We help organisations turn fragile privacy and information security into sustainable GRC programmes.We focus on four things:Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.The Powerpoint-presentation: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Webinars/Pr%C3%A6sentation%20til%20andre%20BU%20-%20Wired%20(english).pptx.pdfFollow Mona Persson on Linkedin: https://www.linkedin.com/in/monapersson/

In this podcast you get a 7-step cheat sheet to securing buy-in for your data protection programme.Get the presentation here: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Presentations/20240425_masterclass_DPIA%20securing%20buy-in.pptx.pdfThe steps are:🎯 What do you really want?🌍 What do they think about this right now?🎤 What will they lose by not doing what you think?🗞 Where can you reach them?👯 Who will support you?🧠 Speak to the mind … and the gut📅 Get organisedYour host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.comWired Relations is a GRC solution - tailored for privacy and information security.We help organisations turn fragile privacy and information security into sustainable GRC programmes.We focus on four things:Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

The DPIA process is important. In this podcast we look at it from the organisational perspective. How do you make it work - not legally or technically - but organisationally.You find the presentation here: https://3963040.fs1.hubspotusercontent-na1.net/hubfs/3963040/Presentations/20240405_masterclass_DPIA.pptx.pdfIt:Supports good decision-making,Good governanceComplianceOften no DPIA is required – documents the non-actionIt is also good practice to do a DPIA for any other major project which requires the processing of personal data. (ICO)However, data protection often doesn't now when a new system is coming on board. It is a cultural issue and we have to do many things to chance it:Training and awarenessDon’t forget VIP’sLet’s put it in a policy (and get it out there)Hybrid organisation and ambassadorsWe have a process (or more)We have buy-inAsk…That is what you'll learn about in this podcast.Your host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/Sustainable Compliance is brought to you by Wired Relations - read more about it here: https://www.wiredrelations.comWired Relations is a GRC solution - tailored for privacy and information security.We help organisations turn fragile privacy and information security into sustainable GRC programmes.We focus on four things:Ease-of-use: You don’t need consultants to implement Wired Relations and you don’t need training to use it.Collaboration: Privacy and infosec is a team sport. We make it easy to collaborate.Overview: Privacy and infosec is complicated enough as it is. Wired Relations makes it easier to get an overview - not harder.Organising for GRC: The trick is to organise your processes and workflows so that you can sustain your programme.

Shifting Privacy Left is a conscious effort to embed privacy practices earlier in the development life cycle to prevent privacy harms and data breaches from forming, Privacy Tech Advisor Debra Farber says.In this interview Debra Farber and I discuss what Shifting Privacy Left does, how it helps organisation, what competencies are needed and how it is implemented.My take-aways from the interview:Privacy requirements should be table stakes and functional product requirements, not something that comes from legal or the privacy team.Privacy by Design is the strategy, Shifting left is the implementation.It's a cultural shift which requires upskilling. Today, most developers, don't think privacy is their responsibility. Therefore, they should learn about privacy and data protection.Shifting Privacy Left can solve problems, lessening the compliance burden down the line. You host: Jacob Høedt Larsen, follow me on Linkedin for more news and views on compliance and privacy: https://www.linkedin.com/in/jacobhoedtlarsen/Debra J. Farber is a globally-recognized Privacy, Security and Ethical Tech Advisor and Principal and Host of The Shifting Privacy Left Podcast.The Shifting Privacy Left Podcast: https://shiftingprivacyleft.com/audio/8323Sustainable Compliance is brought to you by Wired Relations - read more about here: https://www.wiredrelations.com

Making a Data Protection Impact Assessment (DPIA) on Google Workspace for schools is a huge undertaking. In Norway they've decided to collaborate on it. Today, Jacob Høedt Larsen, talk to project manager, Ida Thorsrud, about the project and learnings from it.Some take-aways:It has been possible to co-operate with Google in the proces, something that Ida has never experienced beforeParents, teachers and pupils are involved and give the project team a much better view of risks to the "data subject"Project participants learn a lot from the process that can be put to use in their everyday jobResponsibility lies with the municipalities. Therefore, the project aims at making it 80 % ready.You can follow the project by subscribing to their English newsletter: https://nyhetsbrev.ks.no/p/s/MTk4ODA6ZmUyZjg3ZTQtYWZmYS00NGZjLWE2MzItYmNkNjFlNmEyOTBmFollow your host, Jacob Høedt Larsen, on Linkedin for more news and views on Sustainable Compliance: https://www.linkedin.com/in/jacobhoedtlarsen/Sustainable Compliance is brought to you by Wired Relations - read more about us here. 

From tick-the-box compliance to balanced decision-makingIn this episode we'll go deeper into the second trend of Sustainable Compliance and look at why things are changing from a mindset of "tick-the-box compliance" to a "balanced decision-making". We'll also share learnings on how to get there.Why tick-the-box compliance is not a great idea.💵 Calculating 4 % of global revenue for fines does not make sense anymore.To most companies discovery risk is low, and the level of fines have never reached that level.👮🏻‍♀️Management buy-in should not be based on fear of fines.It should be based on how the privacy program positively benefits the organisation.📚 Legal requirements are important.So are the demands and wishes of our customers, colleagues, local community and other stake holders.We should broaden the scope of our privacy compliance.💻 Spread sheets are great for many things (I'm told).They proved less optimal for privacy compliance because keeping them up-to-date became a hassle. Many have not been updated since 2018.✅ Tick-the-box compliance is dying. And we shouldn’t lament that.Instead, let’s replace it with making balanced decisions on data compliance taking the law, value creation and public expectations into account.😇 Feeling good about your job is important.However, only feeling good when you ARE compliant will make you feel miserable most of the time.Let’s feel great about the process of compliance.🧑🏼‍💻 And finally. Data compliance is real work and provides benefits to the organisation.Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/Read more about the cooperation problem, Officers and Operators on our blog: LINKSustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-formThe five trends of Sustainable Compliance are:Trend # 1 From centralized authority to company-wide collaborationTrend # 2 From tick-the-box compliance to balanced decision-makingTrend # 3 From problem-oriented to solution-orientedTrend # 4 From legal thinking to strategic involvementTrend # 5 From managing data subject to caring about people

Lack of collaboration with your organisation is detrimental to your privacy and infosec programme.If you’re unable to create a climate of collaboration within your organisation, you will be less effective as a compliance pro AND data protection and information security will suffer.The solution: Officers and Operators.This is what we discuss in this episode of Sustainable Compliance Live, a weekly online show from Wired Relation where we discuss sustainable compliance.Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/Read more about the cooperation problem, Officers and Operators on our blog: LINKSustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-formThe five trends of Sustainable Compliance are:Trend # 1 From centralized authority to company-wide collaborationTrend # 2 From tick-the-box compliance to balanced decision-makingTrend # 3 From problem-oriented to solution-orientedTrend # 4 From legal thinking to strategic involvementTrend # 5 From managing data subject to caring about people

In this live episode of Sustainable Compliance we take a look back on how the compliance landscape has changed over the years and gather the trends that we see in this space now.Jacob Hoedt Larsen starts by taking us back to the days when he worked in a candy factory that was implementing some of the first IT systems through the times of mass adoption of systems to now. We will see how the role of the compliance function has changed over time to become involved in much more that just the legal aspect. Trend # 1 From centralized authority to company-wide collaboration Trend # 2 From tick-the-box compliance to balanced decision-making Trend # 3 From problem-oriented to solution-oriented Trend # 4 From legal thinking to strategic involvement Trend # 5 From managing data subject to caring about people For more information about Sustainable Compliance, visit our website Follow Jacob Hoedt Larsen on LinkedIN

DPIA spells collaborationIn this episode, they dive into the topic of Data Protection Impact Assessments (DPIAs) and the importance of collaboration in ensuring privacy-friendly practices.In this podcast you will learn about:The consequences of being in a siloed compliance functionWhy you as a privacy professional should ensure company wide collaborationHow you go from working in a silo to company wide collaborationYou will learn about how to use frameworks and stakeholder management as tools to collaborate in a better way.Jakob tells the story of Jennifer, who finds herself in a challenging situation involving a project and the need for a DPIA. The host, Benjamin, and Privacy evangelist, Jacob, discuss the misconceptions surrounding DPIAs and the typical scenarios that lead to their implementation.The podcast delves into the consequences of asking compliance professionals to justify decisions that have already been made, rather than focusing on privacy-friendly practices from the start. They explore the concept of siloed compliance functions and how it affects organizations' overall data protection efforts.To address these issues, Benjamin and Jakob propose a shift towards company-wide collaboration, emphasizing the importance of involving privacy professionals early in the project lifecycle. They discuss the ideal meeting scenarios and ways privacy professionals can contribute to the process.Your hosts: Benjamin Pomerleau (https://www.linkedin.com/in/benjamin-pomerleau/) is a product marketeer at Wired Relations. Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.www.wiredrelations.com/datasustainability

Privacy and marketing are like oil and water. But, it doesn't have to be that way.In this talk with founder of Raze, Siobhan Solberg, we dive into, how we improve this relationship. Siobhan is an expert on both marketing and privacy and has worked on several projects involving both.We talk about:1️⃣ How privacy can help grow companies2️⃣ How marketing and privacy can work together3️⃣ What gets in the way of such collaboration and4️⃣ What can be done to improve it.My (Jacob Høedt Larsen) biggest take-aways from this talk:✅ Marketing can help privacy communicate the things we do to build trust✅ Many marketing people felt that privacy pulled the rug from under them.✅ We need to understand, that we all serve the same user - that's really a common goal between privacy and marketing.Share your take-aways with Jacob Høedt Larsen on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/Siobhan Solberg (https://www.linkedin.com/in/siobhans/) is the founder Raze. You should subscribe to her newsletter: https://siobhansolberg.com/newsletterYour host: Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.www.wiredrelations.com/datasustainability

Jacob has been interviewed by Jamal Ahmed for his podcast: Privacy Pros podcast. We're reposting it here, and you should follow the podcast feed from Jamal as well https://privacypros.captivate.fm/This is the original description of the podcast.Turbocharge Your Mental Skills & Transform Your Career with a Privacy PowerhouseGet ready for an electrifying and transformative podcast experience!Our guest is a Privacy Pro with a powerful, dynamic approach to storytelling and coaching. He's worked with athletes and SWAT leaders, honing their mental skills to maximise performance and success.Hi, my name is Jamal Ahmed and I'd like to invite you to listen to this special episode of the #1 ranked Data Privacy podcast.In this gripping episode, you'll discover: The art of strategic storytelling and how to use it to drive transformation How to talk about privacy in a way that sparks motivation and enthusiasm How to master rapport-building to forge powerful connections Plus: the visualisation technique athletes use for high-performance and success!

"If you just have that legal focus, you may be perceived as the necessary evil, rather than being a partner," says Tim Clements in this podcast.Tim and Jacob talks about:1️⃣ The 3 top issues in data protection programs2️⃣ Which competencies are needed in privacy pros in the future and3️⃣ How to train for itJacob's take-aways from this interview:✅ In many companies data protection is seen as a purely legal issue. That's a problem.✅ Data protection is a team sport (and lawyers are the goal keepers - you don't want 11 of those in your football team).✅ Your job as a privacy pro is making complex concepts easy to make it a great experience for your colleagues, management and customers.✅ Look to other sectors for inspiration. The advertising industry is great at getting attention.✅ The best course Tim ever took on privacy... was business analysis.✅ Training employees should be empowering. They should take responsibility and even create their own materials.✅ You should have a data protection strategy and it should be aligned with business strategy.Share your take-aways with Jacob Høedt Larsen on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/Tim Clements (https://www.linkedin.com/in/tim-clements-copenhagen/) is the founder of Purpose and Means (https://www.purposeandmeans.io/), the home of purpose-driven data protection strategies.Your host: Jacob Høedt Larsen (https://www.linkedin.com/in/jacobhoedtlarsen/) is a privacy evangelist at Wired Relations. As well as hosting this podcast, he discusses and shares on privacy compliance on Linkedin daily.Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.www.wiredrelations.com/datasustainability

Are you looking to break in to privacy?Or take your privacy career to the next level?Don't miss this privacy career advice from Michael Jared Coseglia of TRU Staffing Partners. He has placed over 5,000 privacy pros in jobs over the years.We talk about important skills for privacy professionals and Jared reveals THE most important one.Jacob Hoedt Larsen's take-aways from the conversation (listen and share your own take-aways):1. Privacy is an open industry. It is possible to transition from other career paths to privacy.2. It's a fast-paced business. What employees are looking for changes often, so stay flexible and up-to-date.3. Regulatory compliance pays less than broader based privacy compliance.4. Hiring companies look for mid-market professionals, that is middle-managers with 5-7 years of experience.5. People skills is THE superpower of privacy professionals.Jared Michael Coseglia is the founder and CEO of TRU Staffing Partners, which represents talent in privacy, cybersecurity and e-discovery.TRU Staffing Partners: https://www.trustaffingpartners.com/TRUE Staffing Partners Knowledge Center: https://www.trustaffingpartners.com/knowledge-centerHost: Jacob H. Larsen, Privacy Evangelist at Wired Relations, host of Sustainable Compliance.Follow him on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/Wired Relations is a privacy tool for GDPR and InfoSec Management. It helps you automate and collaborate on your privacy workflow to get trustworthy faster.We want to rethink compliance - join us: https://www.wiredrelations.com/datasustainabilityCreate a free account and test the privacy compliance system: https://www.wiredrelations.com/start/create-account

Most compliance professionals feel overwhelmed by the constant stream of information about their area. New legal developments, new technical stuff to look into and on top of that internal things like new systems and ways of working.Information overload can hamper a privacy program.In this episode Jacob H. Larsen speaks to Rie Walle about getting a system to stay up-to-date.Take aways on making a system for staying current:1. Find your trusted sources. Be critical.2. Use the wisdom of the crowd. 3. Opt-out. Be clear about what you do NOT need to know.4. Put it in a system. Jacob uses a simple Database in Notion, Rie utilizes Excel5. Focus on the basics6. THEN specialize 8. Make use of the privacy and compliance network - it's a friendly one9. Put "studying" in your calendar at least once a weekHost: Jacob H. LarsenFollow him on Linkedin for news, views, how-tos and tools about compliance, privacy and information security: https://www.linkedin.com/in/jacobhoedtlarsen/By: Wired Relations - www.wiredrelations.comRie Walle is a Grumpy GDPR podcast host, Speaker & Lecturer  as well as an External/Fractional DPOLinkedin: https://www.linkedin.com/in/riealeksandra/No Ties Consulting: https://www.noties.consulting/Grumpy GDPR podcast: https://www.noties.consulting/grumpygdpr/Data compliance is broken. - Increasing regulations, - high public expectations, - and real business needs have made the data layer exceedingly complex. It’s not balanced with its surroundings anymore. We have to rethink the function and organisation of compliance — and in this podcast we invite you to join that conversation - www.wiredrelations.com/datasustainability