8 steps to ensure data privacy compliance across borders

Fong concurs, emphasizing the importance of annual legal awareness sessions for product teams.

“CIOs should make it their responsibility to bridge the gap between legal and product, and make sure new features are developed with compliance in mind from day one,” he says. “Innovation doesn’t slow down when privacy is part of the process. It accelerates because you avoid costly rewrites later.”

Nick DeMelas, chief experience officer at software developer Sourcetoad, says his company proactively maintains awareness of regulatory trends, geopolitical developments, and emerging technologies with research, alerts, RSS feeds, and keeps an eye on the industry overall.

“Our team actively participates in ongoing internal training sessions, regularly sharing insights about privacy and security developments,” he says. “We also hold internal discussions and talks, such as recent sessions on differences between EU and US privacy standards, helping our team anticipate shifts rather than react to them.”