GDPR Webinar Preview: Q&A with Chevron’s Veronika Tonry

Check out our on-demand expert panel webinar discussing the GDPR

This webinar occurred on July 20. Visit us here to view GDPR: The Shifting Tides of Global Privacy on-demand. 

As a bit of a preview, we’ve asked one of our panelists, Chevron’s Veronika Tonry, to answer some of the questions we’ll be putting to all our participants.
Ms. Tonry is the global privacy manager for Chevron, where she is responsible for overseeing the enterprise-wide data privacy strategy and program since 2014. She also oversees the management of privacy and data protection compliance and regulatory engagement on a global basis.
Read on for our brief Q&A with Veronika Tonry:

MediaPro (MP): How will the GDPR impact your industry?

Veronika Tonry (VT): Within the oil and gas industry, navigating privacy in a multi-national company with business structures that often include joint venture partners, including foreign governments and partners in countries with no privacy legislation, will become even more complex and challenging.
In an industry where an environmental disaster or an unstable government defines examples of high risk, GDPR fines raise privacy into these higher risk categories. Accordingly, privacy concerns will require more executive attention and a solid plan to address these risks.
View our webinar GDPR-The Shifting Tides of Global Privacy on-demand

MP: What will privacy professionals in your company do differently as a result of the GDPR?

VT: We have a roadmap to GDPR compliance and are working on maturing our breach protocol. Our goals include:

  • Creating new privacy impact assessments for annual system/application reviews
  • Developing a tighter framework of privacy standards and controls integrated into a central risk solution
  • Deepening the understanding and reviewing staffing allocations of our privacy professionals
  • Ramping up general privacy awareness efforts, especially pertaining to reporting incidents and potential breaches

MP: How do you see the GDPR impacting the way you communicate with your general employees about privacy?

VT: The GDPR will mean more frequent and targeted communication to our general employee population. We’ll need to reiterate some key themes, including the consequences of breaches and that everyone is responsible for privacy. This is very closely related to what we have been doing for cybersecurity awareness. 
For more from Ms. Tonry, and other privacy experts, on the impacts of the GDPR, be sure to check out the webinar on-demand!

Share this Post

Register Here

Related Posts

Our privacy awareness reinforcement animation, Do Your Part for Privacy, summarizes privacy awareness basics for employees at all levels.
Video: Do Your Part for Privacy
Like peanut butter and jelly or milk and cookies, the security and privacy fields just go better together.
The Security and Privacy Merge: It’s A Good Thing
The privacy landscape continues to evolve, and so must privacy awareness programs. In other words, the program must adapt.
White Paper: 3 Questions to Ask When Developing An Adaptive Privacy Awareness Program
What's the best way to educate employees on privacy practices? Keep the lessons relevant, and role-based privacy training is a key tactic in this regard.
3 Reasons Why You Need Role-Based Privacy Training