Data Privacy Compliance Framework

Design a data privacy compliance framework for [Company Name] operating in [Jurisdictions]. Cover: 1) Regulatory landscape mapping — GDPR, CCPA/CPRA, state privacy laws, industry-specific regulations (HIPAA, FERPA, COPPA). Identify which apply and key requirements of each. 2) Data inventory — data mapping exercise template: what personal data is collected, where it's stored, how it flows, who has access, retention periods, legal basis for processing. 3) Privacy by design — product development checklist, privacy impact assessment (PIA) template, data minimization guidelines. 4) Individual rights management — process for handling DSARs (access, deletion, portability, correction), response timeline tracking, identity verification requirements, exemption evaluation. 5) Consent management — consent collection mechanisms, preference center design, consent record-keeping, withdrawal process. 6) Vendor management — data processing agreement template, vendor privacy assessment questionnaire, sub-processor management, international transfer mechanisms (SCCs, adequacy decisions). 7) Breach response — incident response plan, 72-hour notification procedures, documentation requirements, authority notification templates. 8) Training program — role-based training curriculum, annual refresher requirements, awareness campaign ideas. 9) Governance — DPO/privacy team structure, privacy committee charter, policy review cadence, audit program.