What does it actually take to design and implement a global privacy framework inside a multinational organisation?
In this episode of Practical Privacy, Orla Dormer speaks with Marcelo Canha, Global Privacy Director & DPO at Organon, about the operational realities of building a scalable privacy programme across multiple jurisdictions, business functions, and regulatory environments.
Many organisations begin with strong policies and ambitious governance models, but quickly discover that implementation is where complexity emerges. Different business units operate differently, local regulations vary significantly, and global alignment often clashes with operational realities.
Marcelo shares practical insights from leading privacy at global scale — including how to create consistency without becoming overly rigid, and why successful frameworks must evolve alongside the organisation itself.
🎥 Watch the full episode
🎧 Listen on your preferred platform
Listen on Spotify
Listen on Apple Podcasts
What we cover in this episode
Rather than focusing purely on documentation and controls, Marcelo explains why effective privacy frameworks must be operationally practical and closely connected to the business. He discusses:
- The challenges of implementing privacy consistently across global markets
- Why governance frameworks fail when they become overly theoretical
- How to balance central oversight with local operational realities
- The importance of embedding privacy into existing business processes
- Building collaboration between legal, compliance, security, and operational teams
- Why scalability matters from the very beginning of framework design
A major theme throughout the conversation is that privacy maturity is not achieved through policies alone. Long-term success depends on creating structures that teams can realistically adopt and sustain.
Key lessons from this episode
- Privacy frameworks must support the business, not slow it down
- Global consistency requires flexibility at local level
- Operational integration matters more than documentation volume
- Cross-functional collaboration is essential for sustainable privacy governance
- Scalability should be designed into the framework from the start
- Privacy leadership requires both strategic thinking and operational pragmatism
Follow the series
If you want more real-world conversations about privacy operations, AI governance, and scaling compliance without unnecessary complexity:
- Follow Orla Dormer on LinkedIn for updates on new episodes
- Subscribe to our YouTube channel.
- Follow the podcast on Spotify or Apple Podcasts
New episodes are released regularly as part of the Practical Privacy series.
🟡 If the challenges discussed in this episode resonate, you don’t have to solve them alone. Book a demo to see how organisations like Randstad and other global companies operationalise privacy and AI governance in practice, reducing complexity while aligning compliance with how their business actually works. 👉 Book your demo here