A blog that looks at all aspects of project and program finances from budgets, estimating and accounting to getting a pay rise and managing contracts.
Written by Elizabeth Harrin from RebelsGuideToPM.com.
Recent Posts
Making social impact part of everyday delivery
Who really owns the project budget? Clarifying financial accountability
How to learn AI the sensible way
Making sense of project cost reports
How real PM mentoring actually works
Categories
accounting,
agile,
ai,
appraisals,
Artificial Intelligence,
audit,
Backlog,
Benchmarking,
benefits,
Benefits Management,
Benefits Realization,
Bias,
books,
budget,
Business Case,
business case,
business case,
Career Development,
Career Development,
carnival,
case study,
Change Management,
checklist,
collaboration tools,
communication,
Communications Management,
competition,
complex projects,
Conferences,
config management,
consultancy,
contingency,
contracts,
corporate finance,
corporate finance,
cost,
Cost Management,
cost management,
credit crunch,
CRM,
data,
data security,
debate,
Decision Making,
delegating,
digite,
earned value,
Education,
Energy and Utilities,
Estimating,
events,
FAQ,
financial management,
financial management,
forecasting,
future,
GDPR,
general,
Goals,
Governance,
green,
Information Technology,
Innovation,
insurance,
interviews,
it,
Knowledge Management,
Leadership,
Lessons Learned,
measuring performance,
Mentoring,
merger,
methods,
metrics,
multiple projects,
negotiating,
Networking,
news,
Olympics,
organization,
Organizational Culture,
outsourcing,
personal finance,
Planning,
pmi,
PMO,
PMO,
Portfolio Management,
portfolio management,
presentations,
privacy policy,
process,
procurement,
product management,
productivity,
Program Management,
project closure,
project data,
project delivery,
Project Success,
project testing,
prototyping,
qualifications,
Quality,
quality,
Quarterly Review,
records,
recruitment,
reports,
requirements,
research,
resilience,
Resource Management,
resources,
risk,
Risk Management,
ROI,
salaries,
Schedule Management,
Scheduling,
scope,
Scope Management,
security,
small projects,
Social Impact,
social impact,
social media,
software,
software,
software,
Stakeholder Management,
stakeholders,
Strategy,
success factors,
supplier management,
team,
Teams,
testing,
testing,
timesheets,
tips,
training,
transparency,
trends,
value management,
vendors,
video,
virtual teams,
workflow
Date
Last month I looked at some of the basics for data privacy on projects. Let’s go into that in a bit more depth this month, by looking at some of the project tasks you can schedule to help manage data on your project within the regulations of your country, whatever they are.
- Data mapping
The first activity you can schedule is data mapping. You might already have a customer journey or user flows or process maps. Can you add a swimlane for data on that? Or if necessary, create a new data map.
The data mapping exercise should help you understand where, how, and why data is being collected throughout the project lifecycle and beyond.
- Data Processing Agreements (DPAs)
Another task is creating DPAs with the relevant parties for your project. This is normally something you’d do as you contract with a third party, so lean into the legal or procurement team for support.
A DPA is a document that outlines how data will be handled, stored, and protected. There is probably a template within your organisation already.
Alternatively, the task is to check that DPAs are already in place, if the vendor is one that you use regularly. I like the kind of tasks that can easily be checked off! They help the team feel they are making progress and ensure that you are putting compliance at the forefront of your processes.
- Due diligence
Schedule time to conduct due diligence on third-party tools and vendors to ensure their privacy and security measures meet your organisation’s data protection requirements. You probably won’t be doing the actual due diligence, so talk to your procurement or legal teams, or the data protection officer to find out how this will happen.
Again, if your company already has a relationship with the third-party, the task here is to check that it was done at some point and does not need to be done again.
- Data security and risk mitigation
Make sure there are activities on the schedule that involve implementing strong security measures to protect project data. That could include setting up multi-factor authentication, data encryption, and secure access protocols.
Generally, the IT team would have to take responsibility for doing these things or checking that they are already in place from a third party. Talk to them about the kinds of tasks that need to go on the schedule so they have enough time to put security measures live before the project launches.
- Testing
Make time for data testing. For example, schedule penetration testing. Look through your risk register for risks related to data breaches or leaks and have mitigation strategies in place that you can test out. That might be checking you can restore from back up or testing security protocols for data access.
Again, talk to your technical teams about what this might look like for your projects and put the time in for this work so it doesn’t get squeezed in at the last minute or forgotten about.
All of these scheduleable (is that a word?) tasks will help you address any risks or issues relating to non-compliance and show that you are actively prioritising data privacy. Next time I’m going to look at training teams on data privacy best practices. Meanwhile, why not share your experiences of data on your projects in the comments below? Thanks! |
Posted on: June 03, 2025 09:00 AM
|
Permalink |
Comments (7)
