The quest to level up 

Our client’s data privacy program had been in place for several years and included a standing service team for handling consumers’ inquiries and requests. When we first spoke with the director of privacy, he noted that his team was spending an increasing amount of time dealing with day-to-day privacy issues such as ticket escalations from the service team. They needed a middle layer that combined data privacy expertise with the operational know-how needed to run an efficient internal consultancy, leaving the director and his team free to focus on strategic matters. 

Logic20/20 responded with a data privacy as a service (DPaaS) solution encompassing a team of four full-time consultants with guidance from our data privacy leadership. Our client’s director of privacy engaged us to take on an array of responsibilities to ensure continuous alignment with the organization’s privacy policies, including: 

For the first month of our engagement, the team focused on understanding the data privacy organization’s current practices and applying process improvement principles to ensure maximum efficiency. After conducting a current state assessment that entailed shadowing team members, reviewing documentation, and interviewing stakeholders, we streamlined every process to ensure maximum efficiency from Day One of our partnership.

With new, improved processes in place, our team settled in for the day-to-day work of an efficient in-house data privacy consultancy. To ensure ongoing alignment with the division’s strategic goals, they instituted weekly status meetings with the director of privacy and monthly “priority syncs” with the full gaming privacy team.

As the weeks progressed, our time savings accumulated to the point where we could execute special projects to up-level the division’s data privacy readiness, including

• Supporting launch an AI-driven self-service resource for basic data privacy questions
• Implementing new and improved operations reporting, enabling the data privacy team to make data-based decisions
• Creating a privacy review template to standardize documentation

The DPaaS team has helped our client reduce risk, improve efficiency, and heighten the level of service provided by the data privacy team by

• Reducing time spent on privacy review pre-work and post-review documentation by 50 percent through the introduction of the privacy review template
• Creating efficiencies by auditing and re-organizing the privacy team’s internal knowledge sharing platforms
• Replacing manual tracking of data protection impact assessments (DPIAs) with a tracking dashboard to give the team insight into the status of all assessments
• Reducing risk through reporting improvements that provide visibility into which teams are requesting privacy reviews and where gaps have occurred

Our team is growing and continues to play a vital role in ensuring alignment with the enterprise’s data privacy policies and that teams remain well-informed on the changing data privacy landscape.