ⒾMachine translations by Deepl

‘Being ’in control' with privacy - how do you do it?

Article
Privacy Awards
20 January, 2026

Last year, the tool Privacy-aware Leadership of the RijksAcademie voor Digitalisering en Informatisering Overheid (RADIO) won the Incentive Award at the Dutch Privacy Awards. Recently, Privacy First looked back at the past year with Janet Yuen (RADIO project leader) and Rutger Bos (Chief Privacy Officer, Ministry of General Affairs), the development Privacy-aware Leadership has gone through and the steps taken. In addition, we discussed the use cases of organisations for whom this tool has proved valuable.

One year later

As the team looks back on winning a Dutch Privacy Award after almost a year, the question can be answered as to whether this product has given direction to the expectation and ideas envisioned in its development.

Rutger explains: “We have made this tool our own for General Affairs (AZ), so that it fits in optimally with our processes. As a result, this product acts as a “one-stop-shop” on our Rijksportaal, where everyone simply by logical click-throughs each time gets to the right information related to the process they are in.

Above all, it acts as a base that any organisation, not just government, could use, regardless of industry or size. It provides order in the chaos of information and simplifies to link the relevant information from the national portal to, for example, a self-service portal.

The product is at the stage of fine-tune and enrich it with additional links to support government-wide communication. It was developed for the government, but is applicable to any organisation, including SMEs. This applies not only to the privacy domain, but also to other business processes and documentation, e.g. employment agreements and contracts.

The routes of Privacy-Aware Leadership provide a tool for getting started with the AVG in practice. This is necessary because knowledge of privacy laws and regulations sometimes leaves much to be desired, especially among administrators, so reported also the Personal Data Authority (AP) in October 2024. The tool is a graphic representation of situations in which managers in the public domain will have to deal with the AVG.

The tool consists of six routes (situations), each with a series of intermediate stops, or actions. Together, this roadmap gives a manager practical tools to comply with the AVG. Without diving into the theory first, managers learn about privacy along work practices and can take informed actions.”

Who is it applicable to?

“Privacy protection is the responsibility of everyone, not just one layer within an organisation. In this way, both management and employees can use this product. What is very much appreciated is the visually simplified display because if it were presented in text, it could quickly become impenetrable and complex. The fact that attention has been paid to design to make things understandable is an essential aspect. Perhaps a cliché, but a picture says more than 1,000 words.”

The importance of looking ahead

“For us, the focus is on both the near and distant future. We may be systematically adding routes for future tasks. Ultimately, we collect a lot of confidential government information, which is stored in a certain way and is currently being considered how it will be accessed in the future. An example: suppose in 10 years‘ time the government moves to unlocking the National Archives, for example, using ’large language models (LLMs)”, this could have an impact on the privacy protection we think we have now. That is why we are already thinking about the protection that will be needed in the future, so that even then, confidentiality remains as initially intended and violation of that confidentiality is made impossible."

Semi standard or semi customised?

“Organisations were called and invited to download the product and start working with it. For this, last summer (2025), a walk-in session was organised as more than 80 organisations had expressed interest in the toolkit and had additional questions about it.

What is powerful is that much content and models are available in Word format, which any organisation can start working with immediately and much has already been prepared. This makes it easy for interested parties to quickly make this content organisation-specific. The oil spill happens when more people start using it and we get the ‘swan-clutching effect’. This causes professionals to go to their manager or other colleagues and say, “Hey look here, this works great!"

What has the run-up to the Privacy Awards brought you?

“It brought us focus on the end result and brought into sharper focus which target group we wanted to reach. So we focused not only on the content (what should it be able to do), but especially on applicability by the intended target group (how do we increase adoption). In addition, for internal exposure ensured that people know how to find us better. If a privacy issue is initiated somewhere in General Affairs” working practices, we are involved in the process earlier than before."

What tip would you give hesitant candidates for the Privacy Awards?

“Just sign up, even if your project is not completely finished. It motivates the team, the organisation and you always bring privacy maturity closer. It helps you think, shape and sharpen your ideas and plans.

Advice: just do it!"

For more information on the Dutch Privacy Awards, the participation criteria and an overview of all nominees and winners since 2018, visit PrivacyAwards | Privacy First.