Global Regulation Alignment Support 

A U.S. based global agricultural company with a primarily B2B business model was looking for support to create and design a global privacy program from scratch. 


introduction

Through discovery sessions and strategic planning, Myna Partners developed a tailored Privacy Program Operating Model, provided key policies, and created a Record of Processing Activities (RoPA) to ensure compliance and support data mapping. This case study highlights how Myna Partners helped the company establish a strong, compliant privacy program across its global operations.

THE CHALLENGE

Myna Parrtners solved the organization’s presented problem through multiple discovery sessions across all business regions, building a privacy program operating model to display design recommendations in building a program from scratch, providing a suite of policies to get their program off the ground, and creating a Record of Processing Activities (RoPA) to both satisfy regulatory requirements and serve as a data mapping inventory exercise for the organization.

Our Approach

Myna Partners worked with the client developing a privacy program strategy that designed program structure from the ground up focusing on compliance with all relevant global privacy regulations, as well as managing the program on a global scale.​ 

Created a Privacy Program Operating Model which included:​ 

  • Myna Partners key current state observations​ 
  • Priority list and roadmap to addressing Myna Partners identified key risks​ 
  • Risk-based program, policy, and privacy-by-design recommendations​ 
  • Recommended structure and design for a global compliance team​ 

Created a suite of policies to jumpstart privacy program implementation, specifically:​ 

  • DSR Policy, Consent Management Policy, Employee Notice, PbD and PIA Policy, Breach Response Policy, RoPA Policy, Vendor and Security Policy, and a Privacy Notice. 

Program Outcomes

  • The organization received a complete Privacy Program Operating Model encompassing key observations, recommendations, risk-based business decisions to be made outlined, and the design of a new global compliance team.​ 
  • The organization received a suite of 8 policies that the organization leveraged to jumpstart privacy program implementation and compliance across various business regions.​ 
  • The organization received a complete data mapping inventory encompassing 6+ business regions around the globe that also serves as a regulatory-compliant Record of Processing Activities (RoPA).