March 14, 2023

Compliance with Data Privacy with Bill Piwonka

27 minutes

Legal GRC focuses on the various activities and responsibilities that people who report to legal must carry out, such as data privacy and breach response. In this week’s show, Tom Fox reconnects with Bill Piwonka, Chief Marketing Officer of Exterro, to discuss compliance with data privacy. They discuss the concept of legal GRC, which is a subcategory of the larger umbrella of GRC. They also explore how Exterro's legal GRC software can help companies manage their data effectively and efficiently while ensuring compliance.

Prior to Bill Piwonka’s current position at Exterro, he had extensive experience running marketing teams for typically small software companies, helping build them as they grew. His knowledge of both startups and large multinational global organizations, including Intel and Oracle, has given him a unique perspective on the dynamics of different companies. As an expert in compliance and data privacy, Bill's insights and expertise are invaluable to organizations seeking to improve their compliance programs.

Key ideas you’ll hear Tom and Bill discuss:

Legal GRC is a subcategory of the larger umbrella of GRC that focuses on the various activities and responsibilities that people who report to legal must carry out, such as data privacy and breach response.

Understanding where your data is, who owns it, and what regulations apply to it is crucial to effective data management and compliance.

Data governance, data security, and data cleansing are key components of ESG, particularly in the G part, and the management of data is a mandatory step under ESG.

Having a data inventory and understanding what regulations apply to that data from a retention perspective and disposition is essential to minimizing risk and ensuring compliance with various regulations.

The key to minimizing risk and ensuring compliance is to have the processes and technology that enable you to constantly push the deletion button, in accordance with your retention policy.

Extero has broad capabilities in eDiscovery, privacy forensic investigation, incident response, and cybersecurity compliance. Its clients include a wide range of professionals, such as IT, legal ops, GC, compliance, privacy, and HR.

Regulatory obligations around data security and document turnover are a significant concern for organizations, and Extero's eDiscovery product can help clients comply with government agencies' requirements and store relevant information in their ESI vault.

Extero's consent product can help organizations with obtaining and revoking consent across any medium and demonstrate their compliance.

Legal departments are now recognizing the need for people, process, and technology to address issues that are now being enforced, especially on the privacy side. Process orchestration gives legal departments the ability to manage, measure, and optimize their processes and ensure defensibility.

Extero's marketing strategy is to provide high-quality educational content for the people who would ultimately use their products, such as benchmark surveys, case law alerts, and privacy alerts.

KEY QUOTES

"Legal has to be involved in all the different GRC activities." - Bill Piwonka

"You have to have the guts to push the deletion button. When you have the processes and the technology that enable you to constantly push that button, you're going to minimize your risk and you're going to ensure compliance across a whole swath of regulations." - Bill Piwonka

"If I can help somebody understand how to optimize a data subject access request process or how to conduct a document review more efficiently, and help them do their jobs more effectively - and I do that for five years - they are more productive, they're more efficient, and they like the content that we're creating." - Bill Piwonka

Resources:

Bill Piwonka on LinkedIn | Twitter

Exterro

...more

View all episodes

By Thomas Fox

4.4

1616 ratings