5 reasons you need to hire a Chief Privacy Officer

Businesses are increasingly relying on data, but they're overlooking another key aspect of data: privacy. In order to keep up with the growing regulations surrounding data privacy, it may be time to hire a Chief Privacy Officer.

bigdata problem thinkstock
Credit: Thinkstock

As data becomes a fundamental part of operations in nearly every industry, businesses are finding that privacy measures are becoming equally as important. Unfortunately, research suggests that businesses don't understand how vital privacy practices are and treat it an afterthought.

A study by cloud-based data protection provider Druva on the "State of Data Privacy in 2015" asked 214 people worldwide at companies with 100 to 5,000 employees how they are tackling data privacy. Of those surveyed, 81 percent reported their business had government privacy compliance and regulation requirements to meet. However, 93 percent of companies reported that they found it difficult to ensure data privacy and 71 percent reported challenges with keeping up with regulations and compliance around privacy.

That's why many companies are considering hiring a chief privacy officer (CPO) to help shape the future of security in the enterprise. Deema Freij, global privacy officer of security services provider Intralinks, stresses the importance of C-suite executives investing in a CPO in 2016. She says companies that don't take hiring a CPO seriously stand to lose their "reputation and a lot of money if they're fined and exposed." Here are five reasons, according to Freij, why you should seriously consider hiring a CPO in the coming year.

1. Changing business landscape

The rate at which data has become important to companies is growing as quickly as technology is changing. Businesses are starting to realize how data can revolutionize the way they operate. Unfortunately, with the good comes the bad; and the bad with data is protecting and securing sensitive information. And it's not as easy as just hoping IT will take care of ensuring data is protected, according to Freij. Businesses need to invest in privacy regulations, especially as new rules and regulations arise. For most companies, that means hiring someone who knows the ins and outs of data privacy -- like a CPO.

"The data privacy landscape is drastically changing in the next few years," says Freij, "This means that companies will need dedicated resources to work their way through pending regulations, which will be complex to say the least."

[ Related stories: How to win the war for IT talent ]

2. Europe's General Data Protection Regulation

In the coming year, Europe will have a big impact on the way businesses all around the world need to evaluate privacy. Freij points to a new initiative called the General Data Protection Regulation (GDPR) out of Europe, which is implementing regulations that will impact any company operating in Europe. It's aimed at giving citizens more control over their personal data by implementing regulations for the way businesses handle private data.

Failure to meet these new requirements means businesses "could be fined up to 4 percent of annual global revenue if there are any serious data breaches," says Freij, "which is a serious hit to take if it can be avoided."

3. Mandated CPO

On the heels of Europe's GDPR comes another reason to hire a CPO. You might be legally required to have one. Part of the regulations include mandating that companies have a CPO, so if you do business in Europe, you may be on the hook to hire one of these professionals. "It's best to prepare now, as things are finalized and implemented across two years, instead of playing catch up. By then, it will be too late," says Freij.

4. Rising number of high-profile breaches

It's been hard to miss the number of high-profile data breaches over the last couple years. Companies from Sony to Target to Home Depot have faced PR nightmares thanks to data breaches. Although much of the enterprise world hinges on technology, there is still a lot of room for human error behind each computer screen. That's why, according to Freij, it's vital that companies hire a CPO to implement a strong and successful security strategy to help ensure business and customer data stays safe and secure.

"A CPO helps develop strategies to support how personally identifiable information is protected from these types of incidents, and can fully brief the c-suite on the issues -- both technical and business -- which could arise from a breach," she says.

[ Related stories: Anonymous employee feedback only tells part of the story ]

4. Avoid a PR nightmare

Having a proactive strategy in place to protect against a security breach isn't only smart to protect data, but also your brand reputation. Freij points out that data breaches are national news these days, and one bad data breach can mean a world of hurt when it comes to damaging your company's reputation. Since CEO's can't have their eye on everything, and CIOs are busy enough with IT, a CPO is the next logical step to help prevent a PR nightmare before it happens. Worst-case scenario, a CPO can at least work to diminish the effects of an attack and create a strategy to avoid future problems.

Related Video

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO Nov/Dec 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.