Leveraging Data Responsibly: Why Boards and the C-Suite Need to Embrace a Holistic Data StrategyApril 3, 2024
In this white paper, CIPL proposes a roadmap for building a holistic data strategy that seeks to align the Board and C-suite on data-driven initiatives and provide a framework for promoting innovative and responsible uses of data, including the development and deployment of powerful AI technologies.
|
Cisco-CIPL Report on Business Benefits of Investing in Data Privacy Management ProgramsJanuary 10, 2023
This study by the Centre for Information Policy Leadership (CIPL) and the Privacy Center of
Excellence at Cisco explores the business benefits and return on investment (ROI) of DPMPs. In particular, the study demonstrates that organizations are experiencing a wide range of benefits from investing in DPMPs. These include risk management and compliance benefits, as well as positive benefits to use and leverage data more effectively and confidently for responsible innovation. |
Organisational Accountability in Data Protection Enforcement - How Regulators Consider Accountability in their Enforcement DecisionsOctober 6, 2021
Promoting organizational accountability among all organizations that process personal data has been one of the Centre for Information Policy Leadership’s (CIPL) main areas of focus. An important component of our work on that front has been to identify ways in which data protection laws, public policy, and approaches to enforcement can encourage and incentivize organizational accountability. This paper elaborates specifically on the enforcement component of our previous policy work on accountability.
|
What Good and Effective Data Privacy Accountability Looks Like: Mapping Organisations' Practices to the CIPL Accountability FrameworkMay 27, 2020
CIPL has a long history of exploring accountability-based information management and privacy governance. As part of our work on enabling innovation while also protecting privacy, we are currently exploring how to further develop and improve the existing concept of accountability to maximize both goals.
This report consolidates the findings of CIPL’s Accountability Mapping Project launched in September 2019, which is part of CIPL’s broader work on the central role of organizational accountability in data privacy. |
Organisational Accountability - Past, Present and FutureOctober 30, 2019
Organisational accountability is a powerful tool in the hands of the political and business leaders that are shaping 21st century Europe. It places the responsibility for ethical behavior and the protection of individuals on the organizations that are best placed to achieve it.
|
Q&A on Organisational Accountability in Data ProtectionJuly 3, 2019
This document addresses some commonly asked questions about the concept of organizational accountability in data protection.
|
Incentivising Accountability: How Data Protection Authorities and Law Makers Can Encourage AccountabilityJuly 23, 2018
The objectives of this second paper are, first, to make the case for specifically incentivising organisational accountability and, second, to provide specific suggestions for what such incentives might be. Importantly, the objective in promoting an approach of incentivising accountability is not to weaken or hinder the powers of data protection authorities (DPAs) and, consistent with CIPL’s 2017 discussion paper “Regulating for Results – Strategies and Priorities for Leadership and Engagement”2 (Regulating for Results), it enables DPAs to use other tools in their regulatory toolbox to enable good data practices and compliance.
|
The Case for Accountability: How Data Protection Authorities and Law Makers Can Encourage AccountabilityJuly 23, 2018
It is essential that there is consensus and clarity on the precise meaning and application of organisational accountability among all stakeholders, including organisations implementing accountability and data protection authorities (DPAs) overseeing accountability. Without such consensus, organisations will not know what DPAs expect of them and DPAs will not know how to assess organisations’ accountability-based privacy programs with any degree of consistency and predictability. Thus, drawing from the global experience with accountability to date and from the Centre for Information Policy Leadership’s (CIPL)1 own extensive prior work on accountability, the paper argues that accountability exists along a spectrum, ranging from basic accountability requirements required by law (such as under the GDPR) to stronger and more granular accountability measures that may not be required by law but that organisations may nevertheless want to implement because they convey substantial benefits.
|
Copyright © 2024 by the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP.
|