Many organizations are collecting, storing, managing, sharing or processing personal information during the course of their business operations. With improved awareness of the impact of personal data collection and use, and increased regulation or new security threats, organizations must examine ways to successfully manage personal information throughout its lifecycle. Privacy is also a brand issue and companies need to protect their brand image. Multiple legislations such as GDPR in Europe, CCPA/CPRA in California along with various state specific laws in US, CBDT in China and many country privacy legislations mandate a comprehensive risk management approach to privacy. Organizations need to take a pragmatic approach while fulfilling these legal and regulatory obligations to be able to continue delivery of their products and services.