Privacy Fundamentals for Organizations
1h 19m, Beginner, 2025-10-09
Authors

Tate Jarrow
Course details
This course is designed to help you understand the basics of data privacy and its application to organizations. Instructor Tate Jarrow covers the basics of privacy, foundational privacy principles, and the NIST Privacy Framework. Learn about the privacy regulatory landscape and how that influences organizational decisions, and the basics of what happens during a privacy incident response. Tate also shares real-world examples of privacy incidents that impacted organizations, explaining how privacy governance can protect the organization. Finally, get a look at privacy-enhancing technologies and how they can be used to enhance privacy and help improve organizational privacy goals.
Learning objectives
Learn the basics of a data privacy program, and understand how a privacy program fits into an organization's broader GRC Program.
Understand the regulatory environment around privacy, as well as key privacy principles and frameworks and how to apply these concepts to your organization.
Get an overview of privacy-enhancing technologies and how they help improve a privacy program.
Understand how privacy incidents should be handled.
Concepts
Introduction
- Become a voice for privacy in your organization
Information Privacy and GRC Context
- Data privacy vs. data security
- The importance of privacy
- Privacy's role in GRC
- GRC analyst knowledge, skills, and tasks
- Key roles and teams in privacy management
The Global Regulatory Landscape
- GDPR
- CCPA and CPRA
- The state of privacy regulation in the United States
- Breach notification requirements
Foundational Privacy Principles
- Lawfulness, fairness, and transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
Privacy by Design
- Proactive, not reactive; preventative, not remedial
- Privacy as the default setting
- Privacy embedded into design
- Full functionality (positive-sum)
- End-to-end security
- Visibility and transparency
- Respect for user privacy
Privacy Governance Program
- Understanding the NIST Privacy Framework
- NIST Privacy Framework - Identify
- NIST Privacy Framework - Privacy risk assessment
- NIST Privacy Framework - Govern
- NIST Privacy Framework - Control
- NIST Privacy Framework - Protect
- NIST Privacy Framework - Communicate
Privacy Failure Case Studies
- Facebook's SMS failure
- Cerebral and Monument - Sharing sensitive data for advertising
- Uber - God view employee tracking
- LinkedIn auto opt-in for AI
Operational Privacy - DSRs and Incident Response
- Data subject requests and incident response
The Future of Privacy
- Privacy and AI
Conclusion
- Key takeaways
Related courses
- Synthetic Data as the Future of AI Privacy, Explainability, and Fairness: An Introduction for Data Scientists and Data Executives
- Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
- Cybersecurity: Securing Information in a Globally Distributed Economy
- SOC 2 Compliance Essential Training
- Security Frameworks Fundamentals
- Cryptography: Technologies for Securing Data and Communications
- Machine Learning Fundamentals for Healthcare
- Microsoft Security, Compliance, and Identity Fundamentals (SC-900) Cert Prep: 4 Understanding Microsoft Security and Compliance Capabilities