This is a dissertation for an MBA program, and the subject is on data privacy programs, and the impact they have to organizations, if any. It will need to touch on an organization’s readiness to adopt a privacy program, their drivers, whether or not implementing a privacy program is critically different from any similar sized transformation project, and if privacy programs could be considered more than a regulatory requirement, but possibly also a strategic differentiator with a favourable ROI.
I would like to have a global view, and then the original research will be qualitative in nature, captured by interviews with industry leaders within a smaller island jurisdiction.
The running hypothesis is that implementing privacy programs are only different in the subject, but will butt up against the same challenges as any transformational change initiative. Additionally, there could be strategic advantages but the majority of organizations are not capitalizing on this, and the main driver is to be compliant. Lastly, within the island jurisdiction, it is believed organizations are not ready for regulations, and are not motivated to spend the time and money to be compliant.