Six-Month Privacy Program Coaching
For the privacy officer doing the work off the side of their desk. A structured cohort that gets the whole baseline built, one workshop and one deliverable at a time, alongside a small group of peers in the same boat.
Privacy landed on your desk on top of everything else you already do. There is no budget for a full-time hire, no roadmap, and a growing pile of frameworks that all assume you have a team and six months of runway. Every client questionnaire and every new feature makes the gap a little more obvious.
The usual options do not fit. A retainer is more than you can justify, and a pile of templates with no guidance becomes another thing you never get to. What you need is a structured way to build the program yourself, with someone who has done it many times guiding each step.
A six-month program for a small group of five to nine companies at a similar stage. Every month you finish one real part of your privacy program, so by the end you have built the whole baseline yourself.
One focused two-hour working session a month. You leave each one having started a concrete deliverable, not a page of notes.
Each month produces a finished piece of your program, with the templates and documents to produce it. No single pack at the end, just steady progress you can see.
A small cohort of companies at a similar stage, so the questions, benchmarks, and war stories are relevant to where you actually are.
Two one-to-one sessions across the program, at kickoff and mid-point, plus group office hours for the questions that come up in between.
The working templates you need each month, drawn from real programs, grounded in PIPEDA, Quebec Law 25, and provincial requirements.
If something critical lands mid-program, a breach or a deal-blocking questionnaire, members get a dedicated advisory rate for hands-on help.
A documented inventory of the personal data you hold, where it lives, and who you share it with.
A privacy policy and internal notice that match reality, plus a clear privacy mandate.
Your lawful basis register and a working process for handling access and deletion requests.
A vendor register and a repeatable process for data processing agreements and risk checks.
A privacy impact assessment process, and your first completed assessment, including AI use.
An incident response plan you could actually follow, and a prioritized twelve-month roadmap.
"Ross took us from zero to hero, guiding us through the entire process and helping us build a robust, practical privacy framework. He has a remarkable ability to simplify complex compliance requirements and embed sustainable processes within a business. The foundation he helped us establish remains the backbone of our policy and processes years later."
Tanja Faux, Director, The Talent Experts
"Over several weeks, Ross facilitated coaching and training sessions that were both engaging and actionable. What stood out most was his emphasis on embedding privacy into everyday business processes, rather than treating it as a once-off project. His coaching helped us build internal confidence and capability, so our team understood both their responsibilities and the reasoning behind the controls."
Theo Smit, Owner, TS Recruitment
Ross is a privacy and cybersecurity consultant with fifteen years specializing in privacy and cybersecurity, on top of twenty years in technology. He is CIPP/E certified through the IAPP and has built and assessed privacy programs for organizations across Canada and internationally, with a focus on PIPEDA, Quebec Law 25, and provincial requirements rather than the global frameworks everyone else is citing.
The cohort runs on the same material as the advisory work, scaled so a small group can build alongside it. Ross has run this format with cohorts of companies before, so the structure is proven rather than theoretical.
Plan for the two-hour workshop plus a few hours to finish that month's deliverable. The program is designed around the reality that this is not your only job.
The cohort is built for companies past the startup stage that do not yet have a dedicated privacy team. If you are unsure, the privacy risk assessment will tell you quickly.
Cohorts are grouped by stage across mixed industries, so you get relevant peers without sitting across from a direct rival.
If a breach or a deal-blocking questionnaire lands mid-cohort, members get a dedicated advisory rate for hands-on help, so you are never left to handle it alone.
Take the privacy risk assessment or book a discovery call. We will talk through fit first, and the investment second, so you know it is the right step before we discuss numbers.
Take the free privacy risk assessment to see exactly where your gaps are and whether the cohort is the right fit. Ready to skip ahead? Book a discovery call.
Once a quarter, Ross runs a free two-hour workshop that walks through the Minimum Viable Privacy approach and gets you started on the first piece. It is the easiest way to see how the cohort works before you decide anything. Dates are set a quarter at a time, so add your details and you'll be the first to know when the next one opens.