• The GRC Red Flag Series:

    Navigating Privacy Regulations in 2021 and Building a Privacy Program Sponsored by OneTrust

    August 19th, 15:30 to 17:00 BST | 10:30-12:00 EDT

    + On-demand

  • Headline Sponsor - OneTrust

    GRC World Forums

  • The GRC Red Flags Series with Michael Rasmussen

    Navigating Privacy Regulations in 2021 and Building a Privacy Program

    Privacy has become a field of landmines that organizations have to carefully navigate through. From the EU GDPR, California’s CCPA, South Africa POPIA, Canada’s PIPEDA, Australia’s Privacy Act, . . . the list goes on and on and on. With the potential for a Federal U.S. privacy law, it is about to become even more complex.


    However, privacy is much more than complying with laws and regulations. In one large insurance company, the Chief Privacy Officer pointed to the plaque on her wall with the company mission statement about doing the right thing for the customer. She said, that is what privacy is about here. They go beyond regulation to ensure their clients data is used properly, with consent, and protected.


    In today’s new era of ESG - Environmental, Social, Governance - we are seeing even more focus put on the principles of privacy under the S in ESG, the social aspect. Privacy of personal information is a social right and needs to be protected as part of the integrity and values of an organization.


    Privacy is much more than data protection/security. Privacy is about the integrity and accuracy of data, the right of individuals to control and have access to their personal data, its appropriate and approved use, and data protection. This gets quite complicated in today’s environment of the extended enterprise in managing privacy risk and compliance across third-party relationships that are part of the organizations processes.


    In this GRC Red Flag Series we will explore privacy in the context of:

    • Regulations, what organizations should expect from current and pending privacy regulations
    • ESG, the role of privacy in an organizations ESG program
    • Extended Enterprise, how to manage privacy across distributed third-party relationships
    • Best Practices, what is needed to manage privacy to be efficient, effective, and agile
  • What to expect by joining

    The GRC Red Flag Series: Navigating Privacy Regulations in 2021 and Building a Privacy Program

    The GRC Red Flag series will identify and debate the current &

    future critical risks and regulatory changes that can impact businesses.

    Fireside Chat with Kabir Barday, CEO, OneTrust

    30 minutes

    Panel Discussion with special guests

    30 minutes

    GRC in the News

    30 minutes

  • Joining Michael Rasmussen for Navigating Privacy Regulations in 2021 and Building a Privacy Program

    Kabir Barday

    CEO, OneTrust

    Kabir is the Founder, President, and CEO of OneTrust. In five years, Kabir has grown the company into the #1 fastest growing company on the Inc. 500 and category-defining enterprise technology platform to operationalize trust. According to TCV, OneTrust is the fastest growing enterprise software company in history. OneTrust has largely pioneered the trust technology market, has been awarded 150 patents, and acquired 7 companies along the way.


    OneTrust has raised $920 million funding round a $5.3 billion valuation from investors Insight Partners, Coatue, TCV, SoftBank Vision Fund 2, and Franklin Templeton.

    Kabir oversees all aspects of OneTrust’s product development, operations, and sales internationally. Kabir holds a Fellow of Information Privacy with the IAPP, the highest designation of a privacy professional, and sits on the advisory boards for the Future of Privacy Forum (FPF), the Center of Information Policy Leadership (CIPL), The International Association of Privacy Professionals (IAPP), the Cloud Security Alliance (CSA), and Shared Assessments (known for the SIG third-party risk standard). He has spoken at hundreds of leading industry events globally including Gartner Symposium, Gartner Security & Risk, IAPP Global Privacy Summit, RSA Conference and Infosecurity Europe.

    Courtney Stout Esq

    Chief Privacy Officer at The Coca-Cola Company

    Courtney Stout, Esq. CIPP/E, CIPM, is the Chief Privacy Officer at The Coca-Cola Company where she leads the company’s global privacy strategy. Prior to joining Coca-Cola, Courtney was the Chief Privacy Officer and Co-Lead of the Cyber Incident Response Team for a Fortune 500 company with a focus on “getting to yes” aligning privacy requirements with business needs and growth opportunities. She has a proven track record of integrating privacy, security, and technology solutions to meet the rapidly changing regulations and industry standards. Courtney has extensive experience with a wide range of data, cybersecurity and incident response matters, including artificial intelligence. She has advised clients on how to prepare for an incident to enable efficient and effective response, and throughout the life-cycle of an incident, including managing large-scale data breaches, coordinating with law enforcement, responding to regulatory investigations, advising boards and executives on critical business decisions, and managing lessons learned and necessary mitigation.

    Mark Sward CIPP/C/E, CIPM

    Vice President and Global Head of Privacy, Sterling

    Mark Sward is Sterling’s Vice President and Global Head of Privacy. He leads Sterling’s global privacy team, which oversees Sterling’s privacy program, supports internal data protection compliance initiatives around the world, provides information and best practice guidance to Sterling’s clients through webinars, whitepapers and other documentation, and plays an active role in thought leadership and advocacy around privacy matters in the background screening industry. With eleven years of experience in the industry, he has been responsible for Sterling’s privacy program in Canada since 2013 and globally since 2018. He holds a bachelor’s degree in political science from McGill University and a certificate in law from the Université de Montréal, and is recognized by the International Association of Privacy Professionals as a Certified Information Privacy Professional (Canada and Europe) and a Certified Information Privacy Manager. Mark is based in Victoria, British Columbia, Canada.