Developing and Implementing a Global Privacy Program

Background & Challenges

The client is a global organization, continuously acquiring new properties and executing agreements with owners and investors around the world. As a company with entities and assets in the U.S., Europe, Asia, and Latin America, they struggled to build a global privacy program that was tailored to their business. They also lacked the in-house privacy expertise to operationalize the program and continuously monitor and enhance its capabilities.

Approach

BDO was engaged to lead and implement the client’s global privacy program in all continents. Using our established privacy and data protection framework, we developed and updated policies, notices, and procedures. We also implemented technology to identify personal data sources, manage individual rights, conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) as well as trained local employees, evaluated data transfer implications, and implemented proper privacy and data protection controls. 

Client Impact

BDO developed a comprehensive privacy program, prioritizing operations based on the company’s risk profile. BDO’s deep experience enabled a holistic and thoughtful implementation of privacy capabilities that took the program to a new level of maturity in less than 12 months. By demonstrating our understanding of the client’s needs, we were able to operationalize a privacy program that was right sized to the organization, and as a result, the client selected BDO as their outsourced global privacy team.