A technology company operating throughout Latin America that already had a personal data protection program in place approached us so that we could help the DPO with some of the challenges they were facing.
Among these challenges was the efficient running of the program: which risks to prioritize and how to operationalize the actions, as well as decision-making in critical situations involving personal data. For example, situations involving security incidents, high-risk treatments or the use of new technologies.
The DPO, who was very well trained and had a broad vision of the company, asked questions about how the market has adopted personal data protection practices.
In a large and diverse company, how do you ensure that data protection practices are widespread and implemented in all areas?
How are other technology companies making decisions about data protection?
Which risk ruler should be used?
With extensive market experience – considering that Chenut is an external DPO and advisor on data protection for different business niches and at different stages of maturity – we help the DPO to effectively run the program, presenting alternatives at bottlenecks and suggestions aimed at optimizing the teams’ time.
In addition, we are available to advise on critical decisions involving personal data, such as the hiring of strategic suppliers, new marketing and advertising actions or the need to act in the event of a security incident involving personal data (a situation that has not occurred to date). Considering the critical nature of these decisions, we strive to respond quickly to requests.
To meet the client’s needs, we revised the governance documentation and organized the company’s data protection routines in line with the best market practices. In addition, regular meetings were held to monitor ongoing actions and present critical issues.
The result was a significant increase in the level of maturity of the program in question and a consequent reduction in exposure to risks relating to the protection of personal data.