For engineers and legal leaders, cross-functional conversations about data privacy can often be complicated and frustrating, to say the least. The exchange is made even more difficult by a lack of shared language between the two leaders. Your mission is to make data privacy simple, robust, and efficient in your organization. Getting a handle on a scalable solution for your access, deletion, and consent operations is a clear place to start. But first, bridging the gap between the legal and the engineering perches is a must-have in order to make that possible.

That’s why we put together our latest guide—11 Key Engineering Concepts to Know for Your Data Privacy Program. Understanding each of these concepts can make your conversations together more action-oriented.

With shared language, you can focus on improving your company’s data privacy program and begin to map out how to easily approach deletion, access and consent at the data level.

The value of a rock-solid partnership with your engineering team

First, let’s look at why you and engineering leaders see things differently. As a legal leader, you might be drowning in backlogs of user privacy requests, wishing for a way to automate the access, deletion, or consent process, and dreaming of real governance and visibility of your organization’s data.

Engineering leaders, on the other hand, may be looking at the complexity of their technical systems, wishing to constrain the scope of the right to be forgotten, and wondering why everyone keeps asking for seamless operations on individual data—a seemingly impossible task. All the while, engineers are wrangling a core product roadmap that they’ve committed to shipping this quarter.

Collaboration can be difficult because neither team understands the other’s domain—law and engineering are two esoteric topics requiring deep domain expertise, and both topics can be enigmatic to outsiders.

When it comes to operationalizing data privacy requests, legal and engineering do face similar challenges. Both sides are dealing with the ever-expanding complexity of requirements and resource constraints of headcount, budget, and time. Further adding to the challenge, there’s, unfortunately, a lot of hyperbole in the nascent privacy software industry about the power of various ‘GDPR / CCPA’ technology solutions. “Automation,” for example, is one term that seems to be touted by most vendors regardless of their underlying technology. Because of this, engineering and legal orgs may be hearing different sets of facts about what’s technically possible from a cost, technology, or operational perspective.

The partnership between legal and engineering frequently develops while thousands of consumer privacy requests pile up in a queue, new data streams constantly pop up, various teams change their SaaS (software-as-a-service) tooling, and with new privacy regulations, the requirements continue to grow (with Virginia now the latest state to pass comprehensive legislation with CDPA).

The good news is that legal and engineering teams can realize quick and painless progress on privacy projects if they work well together. By exploring these 11 engineering concepts to know for your data privacy program, you’ll get into the mind of how an engineer thinks about scaling out privacy tasks such as processing user requests. Understanding these engineering concepts will also help you have an edge on the technical capabilities that can help your company get onto a glide path to a more scalable and secure data privacy program.

A strong legal and engineering relationship can also unlock what we consider the optimal infrastructure for fulfilling privacy requests, and the only one built to scale—the ability to automatically and seamlessly operate on user data privacy preferences and controls across all data systems—with truly no humans in the loop. It’s often both a dream state and a profoundly technical endeavor for most businesses—but one that both teams can unlock.

Our Tech Stack Decoded guide covers the following 11 technical concepts we believe are crucial to any modern data privacy tech stack:

1. Authentication
2. Data systems
3. SaaS (Software-as-a-service)
4. Structured data
5. Unstructured data
6. Deterministic and nondeterministic queries
7. API integrations
8. Webhooks
9. Data erasure vs. pseudonymization
10. User experience (UX)
11. End-to-end encryption