Live: From tick-the-box compliance to balanced decision-making
06/23/23 • 35 min
From tick-the-box compliance to balanced decision-making
In this episode we'll go deeper into the second trend of Sustainable Compliance and look at why things are changing from a mindset of "tick-the-box compliance" to a "balanced decision-making". We'll also share learnings on how to get there.
Why tick-the-box compliance is not a great idea.
- 💵 Calculating 4 % of global revenue for fines does not make sense anymore.
- To most companies discovery risk is low, and the level of fines have never reached that level.
- 👮🏻♀️Management buy-in should not be based on fear of fines.
- It should be based on how the privacy program positively benefits the organisation.
- 📚 Legal requirements are important.
- So are the demands and wishes of our customers, colleagues, local community and other stake holders.
- We should broaden the scope of our privacy compliance.
- 💻 Spread sheets are great for many things (I'm told).
- They proved less optimal for privacy compliance because keeping them up-to-date became a hassle. Many have not been updated since 2018.
- ✅ Tick-the-box compliance is dying. And we shouldn’t lament that.
- Instead, let’s replace it with making balanced decisions on data compliance taking the law, value creation and public expectations into account.
- 😇 Feeling good about your job is important.
- However, only feeling good when you ARE compliant will make you feel miserable most of the time.
- Let’s feel great about the process of compliance.
- 🧑🏼💻 And finally. Data compliance is real work and provides benefits to the organisation.
Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/
Read more about the cooperation problem, Officers and Operators on our blog: LINK
Sustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-form
The five trends of Sustainable Compliance are:
Trend # 1 From centralized authority to company-wide collaboration
Trend # 2 From tick-the-box compliance to balanced decision-making
Trend # 3 From problem-oriented to solution-oriented
Trend # 4 From legal thinking to strategic involvement
Trend # 5 From managing data subject to caring about people
From tick-the-box compliance to balanced decision-making
In this episode we'll go deeper into the second trend of Sustainable Compliance and look at why things are changing from a mindset of "tick-the-box compliance" to a "balanced decision-making". We'll also share learnings on how to get there.
Why tick-the-box compliance is not a great idea.
- 💵 Calculating 4 % of global revenue for fines does not make sense anymore.
- To most companies discovery risk is low, and the level of fines have never reached that level.
- 👮🏻♀️Management buy-in should not be based on fear of fines.
- It should be based on how the privacy program positively benefits the organisation.
- 📚 Legal requirements are important.
- So are the demands and wishes of our customers, colleagues, local community and other stake holders.
- We should broaden the scope of our privacy compliance.
- 💻 Spread sheets are great for many things (I'm told).
- They proved less optimal for privacy compliance because keeping them up-to-date became a hassle. Many have not been updated since 2018.
- ✅ Tick-the-box compliance is dying. And we shouldn’t lament that.
- Instead, let’s replace it with making balanced decisions on data compliance taking the law, value creation and public expectations into account.
- 😇 Feeling good about your job is important.
- However, only feeling good when you ARE compliant will make you feel miserable most of the time.
- Let’s feel great about the process of compliance.
- 🧑🏼💻 And finally. Data compliance is real work and provides benefits to the organisation.
Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/
Read more about the cooperation problem, Officers and Operators on our blog: LINK
Sustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-form
The five trends of Sustainable Compliance are:
Trend # 1 From centralized authority to company-wide collaboration
Trend # 2 From tick-the-box compliance to balanced decision-making
Trend # 3 From problem-oriented to solution-oriented
Trend # 4 From legal thinking to strategic involvement
Trend # 5 From managing data subject to caring about people
Previous Episode
Compliance has a collaboration problem. Here’s how to fix it.
Lack of collaboration with your organisation is detrimental to your privacy and infosec programme.
If you’re unable to create a climate of collaboration within your organisation, you will be less effective as a compliance pro AND data protection and information security will suffer.
The solution: Officers and Operators.
This is what we discuss in this episode of Sustainable Compliance Live, a weekly online show from Wired Relation where we discuss sustainable compliance.
Follow your host, Jacob Høedt Larsen, on Linkedin: https://www.linkedin.com/in/jacobhoedtlarsen/
Read more about the cooperation problem, Officers and Operators on our blog: LINK
Sustainable Compliance Live is a weekly show and you’re invited. Subscribe to our newsletter and get the agenda every week: https://www.wiredrelations.com/datasustainability#data-sustain-form
The five trends of Sustainable Compliance are:
Trend # 1 From centralized authority to company-wide collaboration
Trend # 2 From tick-the-box compliance to balanced decision-making
Trend # 3 From problem-oriented to solution-oriented
Trend # 4 From legal thinking to strategic involvement
Trend # 5 From managing data subject to caring about people
Next Episode
How to collaborate on a DPIA - learnings from Norway
Making a Data Protection Impact Assessment (DPIA) on Google Workspace for schools is a huge undertaking. In Norway they've decided to collaborate on it.
Today, Jacob Høedt Larsen, talk to project manager, Ida Thorsrud, about the project and learnings from it.
Some take-aways:
- It has been possible to co-operate with Google in the proces, something that Ida has never experienced before
- Parents, teachers and pupils are involved and give the project team a much better view of risks to the "data subject"
- Project participants learn a lot from the process that can be put to use in their everyday job
- Responsibility lies with the municipalities. Therefore, the project aims at making it 80 % ready.
You can follow the project by subscribing to their English newsletter:
https://nyhetsbrev.ks.no/p/s/MTk4ODA6ZmUyZjg3ZTQtYWZmYS00NGZjLWE2MzItYmNkNjFlNmEyOTBm
Follow your host, Jacob Høedt Larsen, on Linkedin for more news and views on Sustainable Compliance: https://www.linkedin.com/in/jacobhoedtlarsen/
Sustainable Compliance is brought to you by Wired Relations - read more about us here.
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/sustainable-compliance-283819/live-from-tick-the-box-compliance-to-balanced-decision-making-35778579"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to live: from tick-the-box compliance to balanced decision-making on goodpods" style="width: 225px" /> </a>
Copy