Menu Close Menu

Menu

Account

Integrated Data Privacy - a management approach for the future

Co-Founder of OCEG, a global nonprofit think tank that provides standards, guidelines, and online resources to help organizations achieve Principled Performance.

OCEG is pleased to announce release of the Integrated Data Privacy Capability Model and a new certification for Integrated Data Privacy Professionals.

Today OCEG released the Integrated Data Privacy Capability Model and associated certification for Integrated Data Privacy Professionals. Unlike other available resources and certifications, which generally outline the requirements of various data privacy regulations and tell you what you need to comply with, through this Capability Model we are seeking to help you understand how to meet those needs.

Applying the Capability Model will help you to keep your company (and yourself) out of the hot water where Drizly found itself earlier this week, when the U.S. Federal Trade Commission (FTC) announced a proposed order against the company and its CEO, James Cory Rellas, for security failures that exposed data of 2.5 million consumers.

The FTC’s press release includes a statement that "Notably, the order applies personally to Rellas, who presided over Drizly’s lax data security practices as CEO. In the modern economy, corporate executives frequently move from company to company, notwithstanding blemishes on their track record. Recognizing that reality, the Commission’s proposed order will follow Rellas even if he leaves Drizly. Specifically, Rellas will be required to implement an information security program at future companies if he moves to a business collecting consumer information from more than 25,000 individuals, and where he is a majority owner, CEO, or senior officer with information security responsibilities."

The new OCEG Integrated Data Privacy Capability Model is designed to help organizations avoid the types of problems that Drizly appears to have had.

Together with a global review committee of privacy experts and the input of OCEG training partner Straits Interactive, we have developed a capability model that offers a detailed step-by-step guide to designing, running and evaluating a strong data privacy program for any organization.

Following the structure of the GRC Capability Model, we walk you through every stage of identifying relevant requirements for your organization, keeping track of where and how you are collecting and processing personal information, and ensuring that your data privacy program is transparent and auditable.

Featured in: Free , Data Privacy

Related Resources
Back to top
OCEG © 2002 - 2024 OCEG

Terms of Service

Privacy Policy

support@oceg.org

Contact Us

Information & Billing:
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.