- August 23, 2023
Episode 39: The Next Great Transformation of the CCO
- August 23, 2023

Information Management
- May 31, 2023
Episode 38: IAPP Outlook – Top Challenges in Data Privacy Compliance
- March 1, 2023
Episode 37: Data Privacy and Security from the CEO's Perspective
- February 16, 2023
Episode 36: The ACC Data Steward Program; Addressing Data Security
- February 1, 2023
Episode 35: Information Management in an Evolving Data Privacy Environment
- January 18, 2023
Episode 34: Discussing the Canadian Privacy Landscape for 2023
Meet Your Host

Bill Tolson
Bill is the Vice President of Global Compliance for Archive360. Bill brings more than 29 years of experience with multinational corporations and technology start-ups, including 19-plus years in the archiving, information governance, and eDiscovery markets. Bill is a frequent speaker at legal and information governance industry events and has authored numerous eBooks, articles and blogs.
Episode 39: The Next Great Transformation of the CCO
Description:
- Evolution of Compliance Officer Role: They discuss the historical background of compliance officers and how guidelines from 1991 emphasized effective compliance programs. The Caremark case in 1996 established the duty of directors to oversee compliance risks, including information systems and red flags.
- Recent Changes: They delve into a recent Caremark case that extends compliance responsibilities to corporate officers, not just directors. This means the CEO and CCO now share company-wide compliance duties.
- DOJ's Influence: The US Department of Justice's guidance is shaping compliance expectations, emphasizing a culture of compliance, empowering officers to raise concerns, and prioritizing ethics over profit.
Topics: Data Privacy, Regulatory Compliance, Data archiving, Information Management, Information Security, Data Management, Information Governance
Episode 38: IAPP Outlook – Top Challenges in Data Privacy Compliance
Description:
- Data transfer and the uncertainty around how companies can legally transfer data across borders, around the world, and particularly in Europe, to be compliant with data protection laws.
- The new role of the DPO (Data Protection Officer) mandated under the GDPR, the DPO's roles and responsibility, and their background requirements
- How AI will play a role in governance and the new programs the IAPP is launching to help privacy professionals manage this new AI world
Topics: Data Privacy, Regulatory Compliance, Data archiving, Information Management, Information Security, Data Management, Information Governance, Data Protection Officer, IAPP
Episode 37: Data Privacy and Security from the CEO's Perspective
Podcast Description:
In this episode Priya Keshav, CEO of Meru Data, discusses the effects of the explosion of privacy legislation on corporations. This episode also discuss:
-
Whether the approach to regulatory compliance can be simplified by using one set of regulations as the "golden standard"
-
Reasonable data security: how is it defined and who enforces those requirements
-
The proposed federal privacy legislation and if it will pre-empt the current state privacy laws
Topics: Legal/eDiscovery, Data Privacy, Regulatory Compliance, Data archiving, Information Management, Information Security, Data Management, Information Governance
Episode 36: The ACC Data Steward Program; Addressing Data Security
Description:
Topics: Legal/eDiscovery, Data Privacy, Regulatory Compliance, Data archiving, Information Management, Information Security, Data Management, Information Governance
Episode 35: Information Management in an Evolving Data Privacy Environment
Description:
- Why there is no one data privacy set of requirements that is the "golden standard" like the GDPR or CCPA, whereby complying to one set of laws will equal compliance with all other US states' legislation. Each new set of data privacy laws has their own nuances and exemptions.
- The staggering amount of money organizations will spend (up to $100B per year) having to comply with multiple state requirements - including additional reiterations of existing states' data privacy laws.
- How the most efficient way for an organization to respond to a data subject's access request is by centralizing and syncing all the organization's data in a single repository.
Topics: Data Privacy, Regulatory Compliance, Information Management, Information Security, Data Management, Information Governance
Episode 34: Discussing the Canadian Privacy Landscape for 2023
Description:
- the upcoming Canadian Privacy Laws (C27) and how they align with other country privacy regulations.
- how the law is split into three parts: a modernization of current Canadian laws (PIPEDA), a tribunal component, and how AI will effect the collection of data
- what will be the rights of private citizens to have their PII deleted
Topics: Data Privacy, Regulatory Compliance, Information Management, Information Security, Data Management, Information Governance