Global Functions Synergies as the Art of Privacy in a Digital Age
Jennifer GODIN, Group Data Protection Officer, Roquette.
Jennifer GODIN, Group Data Protection Officer, Roquette.
Our Journey Toward One Team
The subject of data protection in our company began in January 2017 with the creation of the post of Data Protection Officer (DPO).
It became a function with a dedicated communication channel in our intranet.
We started our multi-year program by defining a Data Protection Policy with a manual based on international standards on management systems and directives compliant with the GDPR - that came into force on May 25, 2018 - and could be adapted to principles of other privacy laws.
By instilling a culture of privacy and realizing a permanent Privacy Regulatory Watch, a network of privacy coordinators in Global Functions and local DPOs began to form.
This network formed the members of the Personality Development Program (PDP) Committee, our monthly governance committee for privacy and data protection.
By being part of our company’s strategic projects and working to improve internal processes as part of our Global Compliance program, a PDP community has grown.
A highlight of this year was the organization and realization of a PDP seminar at the headquarters of our company.
This PDP Seminar is the meeting place for our data protection network and private contributors to form ONE PRIVACY TEAM.
Data Protection and Trust
“Data privacy no longer concerns only legal teams. It has become a cross-functional business imperative that everyone from Legal, to Marketing, to HR, to Audit, to Digital, to Purchasing must understand and pay attention to.”
Therefore, more than a compliance orchestra conductor, the DPO has become a facilitator between business functions and an ambassador of a company's culture and values.
To reinforce our culture of privacy and synergies between functions, we celebrate international events through common and complementary issues and values.
Data Protection and Sustainability
“Adopting and enforcing lean data collection, data use, and data storage practices can contribute in a significant way to corporate social responsibility (CSR) and sustainability goals while also ensuring better security and privacy.”
The growing need to dematerialize operations and information exchange between the Group, our customers, and business partners, as well as legal and regulatory requirements, have subjected our company to a number of obligations in terms of the length of the data retention period and records management policies.
Based on its activities, our company acquires and processes a large amount of sensitive data related to its strategy, financial results, commercial development, or commitments, as well as personal data related to clients, business partners, and staff members.
Therefore, we have defined and adopted internal rules common to the company in a Global Data Retention Policy defined with the contribution of Business, Legal, and Digital.
But the main point is our collaborators.
As users, owners, or managers of documents, Information, data, and records, they can have a positive impact.
To do this, we have launched the organization of annual Data Cleanup weeks with the Legal, Compliance, and Digital departments and the Sustainable Development team.
These events are synchronized with a Global Event: World Cleanup Day.
The context at the origin of these events:
- An evolving regulatory environment on data storage requires compliance but also the adoption of good storage practices.
- A Legal and Compliance initiative, with the definition of our Data Retention Policy containing Directives, Lists, and Procedures.
- An initiative consistent with the Acting and Refining pillars of our sustainable development report:
- From an environmental point of view, it challenges our Carbone footprint and raises awareness about the data impact
- From a Well-being point of view, it promotes Good Behaviors that will improve the “Quality of Work Life.”
- A Digital initiative is consistent with the desire to optimize the company devices by releasing storage capacity on our servers but also on our mobiles.
Data Protection and Cybersecurity
With increased enforcement action from authorities, new challenges posed by digital platforms and emerging technologies, and the ongoing debate on digital ethics, among many other issues, data protection, and privacy took a central position on the global regulatory stage in recent years
“Protecting and defending individuals, devices, and networks form the basis of Privacy and Cyber security strategy. Individuals, devices, and networks are interlinked and interdependent. Defending security means securing all three simultaneously. Examples of security failures across all three domains are evident in almost every major cyber-attack.”
Cybersecurity, a central issue in data protection
The applicable legislation on data protection, and in particular the General Data Protection Regulation (GDPR), establishes a risk-based approach for all players: they must systematically consider not only legal compliance but also the risks to data and individuals generated by their data processing.
Cybersecurity has become a key issue for all companies. It is also an obligation imposed by the GDPR and the Data Privacy laws.
Faced with growing threats and new technological challenges, it is more necessary than ever to secure our information systems to protect the personal data of our users, customers, partners, and employees.
On the occasion of Cyber Security Month, the Data Protection Team - in collaboration with Global Digital, Global Security, and Group Communication, as well as the participation of local DPOs - is coordinating the event: "In October, I act for 'Privacy and Cyber Security Month."
The Privacy and Data Protection's annual campaign is dedicated to promoting Privacy and Cybersecurity among our employees and organizations and providing up-to-date privacy and security information through awareness-raising activities and sharing of good practices.
Our year's slogan is “The Art of Privacy in a Digital Age.”
Weekly Brief
Read Also
