Various legal regimes have differing definitions of what type of information is covered under the law. GDPR & Washington Privacy Act cover “personal data,” CCPA covers “Personal Information, the FTC covers “Personally Identifiable Information,” and then there are the various state data breach notification laws that delineate what type of information a company must notify a consumer about in the event of a breach. This presents a complicated landscape when it comes to operationalizing privacy; so how does an entity choose a simple, sound and effective approach? This session will cover some of those key data definitions and best practices that companies can leverage to keep track of their data holdings and associated compliance requirements.