Case StudyPrivacy Culture and Change Transformation
A leading provider of Compliance Management Programs to State and Local Governments. They combine consulting, technology and outsourcing services to cover the end-to-end management of compliance programs.
Deploying Change Champions to Achieve Privacy Compliance
Working collaboratively with the Executive Team, we appointed a number of key individuals across the organization as Change Champions. We created awareness of the issue and built a compelling narrative that was repeated in all communications and meetings. The message was further enhanced through multiple workshops and by inviting the Deputy Privacy Commissioner to present at a company-wide forum. To ensure that Privacy was always front of mind, posters, stationery and mouse-pads were distributed across the organization and all managers had to incorporate a “Privacy Moment” in meeting agendas. In parallel, a robust process with a triage function was built to ensure early identification, prioritization and management of any privacy breaches. We identified key metrics and developed dashboards to track progress and then trained the business units on how to. Regular feedback was provided to all teams and iterative improvements designed. These learnings were shared through “brown bag” lunch workshops and posted on an intranet site. Continuous Improvement discussions became part of the standard team meeting agenda.
After a period of 6 months, Privacy was very much part of the way things were done in this organization, was talked about and understood by all employees, and potential breaches were identified before they occurred.
Privacy compliance is a difficult topic to gain buy-in and support from employees. The Deputy Privacy Commissioner was able to provide real-life examples where privacy breaches had personally impacted individuals. At this point, we were able to reach the hearts and minds of the employees. Once this had been achieved, ongoing reinforcement via meetings, comms, posters etc, provided the reinforcement necessary to ensure continued focus.
Internal Privacy Advocates
Cost avoidance achieved