Global Regulation Alignment Support 


The Challenge

A U.S. based global agricultural company with a primarily B2B business model was looking for support to create and design a global privacy program from scratch. 

Through discovery sessions and strategic planning, Myna developed a tailored Privacy Program Operating Model, provided key policies, and created a Record of Processing Activities (RoPA) to ensure compliance and support data mapping.

OUR APPROACH

Myna solved the organization’s challenges through multiple discovery sessions across all business regions. We developed a Privacy Program Operating Model to display design recommendations for building a program from scratch, provided a suite of policies to jumpstart the program, and created a Record of Processing Activities (RoPA) to both satisfy regulatory requirements and serve as a data mapping inventory exercise for the organization.

Privacy Program Operating Model included:​ 

  • Myna Partners key current state observations​ 
  • Priority list and roadmap to addressing Myna Partners identified key risks​ 
  • Risk-based program, policy, and privacy-by-design recommendations​ 
  • Recommended structure and design for a global compliance team​ 

Suite of Policies to jumpstart privacy program implementation, specifically:​ 

  • DSR Policy
  • Consent Management Policy
  • Employee Notice
  • PbD and PIA Policy
  • Breach Response Policy
  • RoPA Policy
  • Vendor and Security Policy
  • Privacy Notice

Myna worked closely with the client to develop a privacy program strategy that established the program structure from the ground up. This focused on compliance with all relevant global privacy regulations as well as managing the program on a global scale.​ Myna helped the company establish a strong, compliant privacy program across its global operations.

PROGRAM OUTCOMES

  • The organization was provided a complete Privacy Program Operating Model that encompassed key observations, recommendations, risk-based business decisions to be made outlined, and the design of a new global compliance team.​ 
  • The organization was given a suite of 8 policies that were used to launch privacy program implementation and ensure compliance across multiple business regions.​ 
  • A complete data mapping inventory, covering 6+ global business regions was created. This inventory also served as a regulatory-compliant Record of Processing Activities (RoPA).