Artificial Intelligence & Machine Learning , Events , Geo Focus: Asia
Privacy Programs Need Top-Down Approach for GDPR Success
BTSE's Aarthi Sureshkumar on Balancing Compliance With Operational EfficiencyLarge organizations struggle to balance GDPR compliance requirements with operational efficiency while managing vast amounts of data across their ecosystems, said Aarthi Sureshkumar, head of IT GRC and privacy at cryptocurrency exchange BTSE. The challenge extends beyond internal systems to include data flows through external channels and third-party interactions.
See Also: Establishing a Governance Framework for AI-Powered Applications
Privacy frameworks demand extensive data mapping and protection measures across all business operations. Success depends on clear leadership vision and organizational commitment.
"GDPR is one of the most stringent and most prescriptive privacy law that's known today, though, different countries today have adopted their own versions of the privacy laws. Most can trace their roots to GDPR. To be compliant with it, you often are required to have a very robust and mature privacy framework," Sureshkumar said. "Ensuring that every segment of data is accounted for, you map it, you inventorize it, and then you protect it adequately. That's a huge challenge. It has to be a top-down approach. It has to come from the management."
In this video interview with Information Security Media Group at the GovWare Conference and Exhibition 2024, Sureshkumar also discussed:
- How privacy-by-design principles apply to AI implementation;
- The three pillars of privacy responsibility across organizations;
- Ways to integrate privacy into broader data governance frameworks.
Sureshkumar has more than a decade of experience in the financial services, technology, healthcare, automobile and manufacturing sectors. Her expertise includes PCI DSS, SSAE, ISAE and SOX audits, GDPR, IT general control reviews, software asset management, risk, and business continuity management.