Privacy law compliance obligations continue to increase in complexity and scope, requiring a program that receives ongoing attention and support. In this final installment of our series on privacy programs, we discuss assessing and maintaining the program, including insights from lead privacy officers at Johnson Controls, Yahoo, Toyota Financial Services, T-Mobile and AT&T. Parts one, two and three addressed privacy’s organizational structure, coordination with other business units, program scope, the gap analysis, obtaining buy-in, and whether and how to use automation tools and other outside resources. See our three-part guide to privacy frameworks: “Examining Options” (Dec. 8, 2021); “Finding the Best Fit” (Dec. 15, 2021); and “Implementation and Maintenance” (Jan. 5, 2022).