Privacy & Data Protection Compliance Program
Operations IT Ops Executive
The prompt
Our {{client_name}}] collects personal data and must comply with GDPR, CCPA, and other privacy laws. Build a comprehensive privacy compliance program covering all required elements.
Include: (1) Data inventory – what personal data do we collect? From whom? For what purpose? How long retained? (2) Legal requirements – specific requirements under GDPR, CCPA, and other applicable laws. (3) Gap assessment – where are you non-compliant? Consent, disclosures, data subject rights, international transfers? (4) Technical controls – encryption, access controls, breach response, system logging? (5) Process & documentation – data protection impact assessments, vendor agreements, breach notification procedures, data retention policies? (6) Implementation roadmap – prioritized fixes over 6-12 months. Timeline? Budget? Responsibility?
Include sample privacy policies, data processing agreements, breach notification procedures, and data protection impact assessment templates. Make it practical. Why this works
Privacy violations are expensive and reputationally damaging. Proactive compliance avoids fines and customer trust erosion.
Risks & review
Privacy laws evolve rapidly. Build flexibility into your program for future regulatory changes and build monitoring of new requirements.