Privacy impact assessments are a cornerstone of robust privacy compliance frameworks and an important part of a mature privacy program. PIAs proactively equip companies and institutions with an understanding of data processing and privacy impacts as well as possible remediation. Mandatory in California, Colorado, Connecticut, Texas, the EU and other regions, PIAs are non-negotiable in an increasing number of jurisdictions for high-risk processing activities (potentially harmful impacts to the individual).

Privacy impact assessments are a cornerstone of robust privacy compliance frameworks and an important part of a mature privacy program. PIAs proactively equip companies and institutions with an understanding of data processing and privacy impacts as well as possible remediation. Mandatory in California, Colorado, Connecticut, Texas, the EU and other regions, PIAs are non-negotiable in an increasing number of jurisdictions for high-risk processing activities (potentially harmful impacts to the individual).

Despite all the advantages and benefits of AI, most of us are at the beginning of our AI governance journey.  We need to learn how to handle and protect data during its use.  Let’s talk about some of the key aspects of AI governance!

This presentation will discuss how to ensure your company has AI policies and plans in place based on industry best practices and applicable regulations. It will take into consideration the developing frameworks and other quickly evolving regulations.

Our first monthly PETed Sip & Chat hosted by Janelle Hsia! Join us the 3rd Friday of every month at 11:00AM ET throughout 2025. Grab a beverage and come discuss Data Subject Requests (DSRs)!

IOPD President R Jason Cronk welcomes you to ask all your burning questions about the Design Process Standard published last year. The need for this standard is a culmination of several factors, and details the components necessary in a design process to incorporate privacy considerations and reduce privacy risks to individuals. The process could be the design of products, services or business processes and spans the lifecycle from ideation to deployment.

What are the risks posed by the use of third-party code in the mobile ecosystem? How can you identify those risks before they become a regulatory headache?

Come Learn the Language of Privacy with Janelle Hsia at the 2024 PMI Mile Hi Symposium on April 5th in Denver! This is Colorado’s event for project management professionals, and over 1000+ of the brightest minds will be gathering at the Denver Convention Center!

It’s all about the data.  Whether it's Data Subject Request or a Data Breach the amount of effort, cost and impact on a company's reputation depend on the quantity and the type of personal data involved.  The more personal data, the larger the consequences…

Artificial Intelligence (AI) is everywhere, even in places we don’t expect. We will explore a few areas like content generation, surveillance, and tracking with a deep dive into how companies utilize AI by extracting personal data and impact our everyday lives.

A short discussion of what a vector database is, how its popularity is soaring, why organizations are adopting it, and the many risks and misconceptions associated with the new types of data going into them.

“Privacy by design” has been part of the cybersecurity and privacy practitioners’ vernacular for well over a decade, but for many the phrase remains vague. In some of the new privacy laws, both in the US and globally, privacy by design is becoming something that companies must now implement. It can no longer be "vague."

Today Artificial Intelligence (AI) can be the dividing line between who gets help and who is left behind.  An algorithm can not only be racist and decide who deserves what, but it can also lie faster and more convincingly.  We will explore the following areas with a deep dive into how companies utilize AI by extracting personal data and impacting our everyday lives.

Artificial Intelligence (AI) is everywhere, even in places we don’t expect. We will explore generative artwork, digital assistants, automated license plate readers, and smart home devices with a deep dive into how companies utilize AI by extracting personal data and impact our everyday lives.

Do your employees unknowingly put personal or sensitive information (like mobile number, email address, social security number, etc.) in emails or PDF documents and accidently expose that information to the wrong people? In a world when employees are using tools like ChatGPT for productivity, do they need help generating synthetic data or learning what data to redact before uploading?

Its all about the data. Whether it's Data Subject Request or Data Breach the amount of effort, cost and impact on a company's reputation depend on the quantity and the type of personal data involved.

A discussion of Privacy Operations for new Privacy laws coming into enforcement in 2023. This will be a conversation around how to best ensure compliance with CPRA and VCDPA as well as the new laws enacted by Colorado, Connecticut, and Utah. We will also touch on the other states that are coming into enforcement within the next 2 years.

The Colorado Privacy Act (CPA) goes into effect on July 1, 2023. We’ll discuss the CPA's new Universal Opt-Out Mechanism (UOOM) in light of current Global Privacy Control (GPC) guidelines. Plus, with the Sephora decision in 2022, the California Attorney General threw down the gauntlet with a $1.2 M fine and let companies know that ignoring clear consumer signals will not be tolerated. This session will discuss the history of consumer preference signals like Do Not Track/Do Not Target (DNT), the technology behind the new GPC, and the regulations driving adoption. As new state privacy laws are enacted in the US, understanding UOOM and GPC will become critical to your company's success.

Its All About Data at 1:10 PM with Janelle Hsia! Join us in person at the ISACA Phoenix Chapter Meeting (with Virtual Option).

While Do Not Track/Do Not Target (DNT) failed, the Global Privacy Control (GPC) will have the force of law. This session will discuss the history of consumer preference signals, the technology behind the new GPC, and the regulations driving adoption. As new state privacy laws are enacted in the US, understanding GPC will become critical to your company's success.

Learn the dirty little secrets to going from thinking and reading about creating a privacy program to implementing and running one. No legalese, no technical jargon, no buzz words, no assessment required - just a practical privacy approach that includes strategies and tactics that can be applied to help you get or stay compliant with the evolving privacy regulations.

In this episode of the IEEE Digital Privacy Podcast Series, Janelle RW Hsia shares her insights on integrating privacy and security with technology to advance the digital privacy space. Learn what it takes to integrate privacy and security with technology, what Janelle calls the trifecta of a sustainable data privacy program

Applied Privacy: The dirty little secrets of creating a privacy program

F5: Designing Privacy Into Your Smart System

Applied Privacy: The dirty little secrets of creating a privacy program

Companies are the ones collecting and analyzing our personal data and they are the only ones who actually know how and why they are using it. It’s not just Facebook, Amazon, Apple, Microsoft, and Google anymore, almost every company has joined the race to collect as much data about us as they possibly can.

What is "Privacy Risk?" Three Modern Methods for Risk Assessment

The ISSA Privacy SIG would like to introduce a new series called Birds of a Feather (BoF). The BoF series will provide our ISSA Privacy SIG Members an opportunity to engage on topics relevant to their jobs.