What happens when privacy policy meets operational reality?
In this episode of Practical Privacy, Orla Dormer speaks with Avishay Klein, Head of Privacy, AI and Cyber Department at Barnea Jaffa Lande, about why privacy programs often struggle — not because the law is unclear, but because implementation is.
Privacy requirements frequently look straightforward on paper: define retention periods, restrict access, implement controls. But when these expectations meet real systems, real teams, and real constraints, the gap quickly becomes clear.
Avishay brings a practical perspective shaped by working closely with organizations, showing that successful privacy programs are not built through top-down mandates — but through collaboration, realism, and deep understanding of how businesses actually operate.
🎥 Watch the full episode
🎧 Listen on your preferred platform
Listen on Spotify
Listen on Apple Podcasts
What we cover in this episode
Rather than focusing on theory or legal interpretation, this episode explores how privacy can be operationalized in practice. The conversation covers:
The disconnect between data retention policies and technical capabilities
The operational burden of deletion and access requests
Using GDPR as a practical “golden standard” framework
Structuring privacy around core data pillars: users, employees & finance, and marketing
Why understanding the business is critical for DPOs
Designing privacy processes that teams can realistically implement
Moving away from top-down governance toward collaborative execution
Through concrete examples, Avishay explains how privacy programs can move from intention to implementation — without creating friction that prevents adoption.
Key lessons from this episode
Privacy that cannot be implemented is not effective governance
Understanding the business is as important as understanding the law
Collaboration with internal teams is essential for success
Start with what is feasible, then improve over time
Operational reality should shape privacy design, not the other way around
This episode highlights a core truth in privacy and AI governance: success is not defined by policies written, but by practices adopted.
Follow the series
If you want more real-world conversations about privacy operations, AI governance, and scaling compliance without unnecessary complexity:
- Follow Orla Dormer on LinkedIn for updates on new episodes
- Subscribe to our YouTube channel.
- Follow the podcast on Spotify or Apple Podcasts
New episodes are released regularly as part of the Practical Privacy series.
🟡 If the challenges discussed in this episode resonate, you don’t have to solve them alone. Book a demo to see how organisations like Randstad and other global companies operationalise privacy and AI governance in practice, reducing complexity while aligning compliance with how their business actually works. 👉 Book your demo here