Home  |   PRIVA-CTM  |   PrivacyHORIZON  |   PrivacySOURCE  
Quick Search:

CPO Workshop
PIA Workshop
Training for Trainers
Locations
Registration




 
Site Map  |   Contact Us   |  Search 

 Chief Privacy Officer Workshop
PRIVA-C Chief Privacy Officer Workshop Privacy Training You're on the frontline. New legislation. New technology. New sensitivities. A breach of privacy can be a public relations nightmare. A demonstrable program of privacy compliance is your protection. As the person in your organization responsible for privacy, there is a lot of information you need to know. Privacy compliance is so new, some executives don't even know what questions to ask.

The Chief Privacy Officer Workshop prepares you to create and maintain a successful privacy compliance system. Learn what a Chief Privacy Officer (CPO) needs to know - the key Federal and Provincial legislation, the policies, the difference between "security" and "privacy", how to deal with stakeholders, how to use new privacy technologies and more. We'll show you how to develop a demonstrable program of privacy compliance in your organization.

Who should attend?

Anyone who is responsible for privacy compliance or manages personal information in your organization:
  • CPOs
  • CIOs
  • IS/IT Professionals
  • Privacy Officers
  • Risk Managers or Directors
  • Corporate Compliance Officers
  • Information Security Officers
  • HR Managers/Directors
Objectives/Benefits

  • Equip - Provide CPOs with the skills, knowledge, tools, and resources needed to fulfill both legal and corporate obligations
  • Demonstrate - Enable CPOs to demonstrate to executives, clients, patients, employees, shareholders, and other interested parties, that managing privacy is "do-able"
  • Network - Create a professional community and network of trained CPOs
Toolkit

Participants in this workshop will receive the following privacy and security tools:
  • Gap Analysis Tool
  • Comprehensive bibliography with essential privacy resources
  • Access to the PRIVA-CTM resource centre
  • Model privacy policies and statements
  • Copy of COACH Guidelines for the Protection of Health Information
CPO Workshop Program - 2 Days (Tentative Agenda):

Day One

Session One: Privacy Fundamentals
  • Factors driving public, private and non-profit organizations to develop and implement privacy programs - consumer attitudes and expectations, privacy legislation, advances in technology, cybercrime and public safety.
  • The "10 Commandments" of the CSA Model Code for the Protection of Personal Information.
  • The role of security and ISO 17799 - Code of Practice for Information Security Management
Session Two: The Emerging Role of the Chief Privacy Officer
  • The CPO's role and function in a public, private or non-profit organization.
  • Knowledge and skills needed to be an effective CPO
  • How CPO relates to the senior management team and the rest of the organization
  • Writing the CPO job description
Session Three: Privacy and the Law
  • How provincial legislation and the Federal Personal Information Protection and Electronics Document Act (PIPEDA) apply to your organization
  • Legal instruments influencing the privacy issue - industry-specific legislation, regulations, contracts, employment law, and union agreements.
  • When to call in the lawyers
Session Four: Developing your Privacy Policy
  • How to develop and implement a comprehensive suite of privacy policies in your organization, including a privacy statement for publication on your website or in brochures, and a corporate principle-based privacy policy.
  • Impact of privacy on your human resources, information management and operational policies.
Day Two

Session One: Tools of the Trade
  • Tools and methodologies to help manage privacy in your organization - a Privacy Impact Assessment, Threat and Risk Assessment, and privacy enhancing technologies.
  • Conduct a high level privacy gap analysis for your organization
Session Two: Managing Privacy Breaches
  • What to do when a privacy breach puts your organization on the front page of the newspaper.
  • How to respond to a breach, deal with the media, investigate the circumstances of the breach and respond appropriately to the needs of the victim.
  • Involving law enforcement agencies and forensic specialists.
  • How to address the concerns of your Board, senior management and the Information and Privacy Commissioner.
Session Three: Developing and Implementing Your Privacy Program
  • Eight steps to privacy compliance:
    1. Establishing a privacy accountability framework
    2. Establishing a privacy policy framework
    3. Establishing essential privacy procedures
    4. Establishing an information inventory
    5. Privacy in 3rd Party contracts
    6. Training your staff
    7. Communicating with clients/customers
    8. Implementing security controls
Session Four: Engaging Your Stakeholders
  • How to sell your program to senior management
  • How to assemble your "Privacy Team" and get them motivated
  • How to engage all of the key stakeholders in your privacy program -- customers, clients, staff, consultants and contractors, volunteers, and senior management.
  • How to develop and implement a comprehensive privacy program without breaking the bank Identify low-cost quick-hits to kick-start your program.
  • How to motivate the people in your organization - training, staff awareness programs, compliance with privacy policies and disciplinary procedures.
 Privacy Policy  |   Terms of Use   |  Copyright Notice
Copyright © 1998-2008 PRIVA-CTM. All Rights Reserved