Sep 23–26, 2019
Please log in

Are your privacy practices auditor approved?

Mark Hinely (KirkpatrickPrice)
2:55pm3:35pm Wednesday, September 25, 2019
Location: 1E 14
Secondary topics:  Privacy and Security

Who is this presentation for?

  • Compliance officers, CISOs, CTOs, and IT




The fear that comes along with new compliance requirements, especially something as big as GDPR or the California Consumer Privacy Act (CCPA), is overwhelming for many organizations. They don’t know where to start, what to fix, or what an auditor expects to see. They don’t know how auditors do it or how they test an organization’s privacy practices. Mark Hinely gives you an auditor’s perspective on the newest security and privacy regulations, how your business can prepare for compliance, and what the audit looks like to an auditor.

Most people don’t get to learn about what an auditor does during a privacy engagement, how they perform testing, or what they’re looking for. You’ll leave with four actions to start with when working toward your privacy-compliance efforts—privacy policies, data mapping, vendor compliance, and documentation review. These will help you understand what kind of data you collect, where it goes, and what role you play in the process.

Prerequisite knowledge

  • Knowledge of how your business currently pursues privacy and compliance efforts

What you'll learn

  • Understand what your organization should be doing to prepare for data privacy regulations
  • Discover an auditor’s intent and perspective when they enter your organization for a privacy audit
  • Learn some of the key areas of a privacy audit
Photo of Mark Hinely

Mark Hinely


Mark Hinely is a director of regulatory compliance at KirkpatrickPrice and a member of the Florida Bar, with 10 years of experience in data privacy, regulatory affairs, and internal regulatory compliance. His specific experiences include performing mock regulatory audits, creating vendor compliance programs, and providing compliance consulting. He’s also SANS certified in the law of data security and investigations. As GDPR has become a revolutionary data privacy law around the world, Mark has become the resident GDPR expert at KirkpatrickPrice. He has led the GDPR charge through internal training, developing free, educational content, and performing gap analyses, assessments, and consulting services for organizations of all sizes.

  • Cloudera
  • O'Reilly
  • Google Cloud
  • IBM
  • Cisco
  • Dataiku
  • Intel
  • Io-Tahoe
  • MemSQL
  • Microsoft Azure
  • Oracle Cloud Infrastructure
  • SAS
  • Arcadia Data
  • BMC Software
  • Hazelcast
  • SAP
  • Amazon Web Services
  • Anaconda
  • Esri
  •, Inc.
  • Kyligence
  • Pitney Bowes
  • Talend
  • Google Cloud
  • Confluent
  • DataStax
  • Dremio
  • Immuta
  • Impetus Technologies Inc.
  • Keyence
  • Kyvos Insights
  • StreamSets
  • Striim
  • Syncsort
  • SK holdings C&C

    Contact us

    For conference registration information and customer service

    For more information on community discounts and trade opportunities with O’Reilly conferences

    For information on exhibiting or sponsoring a conference

    For media/analyst press inquires