Bob Siegel

Opinions expressed by ICN authors are their own.

Bob Siegel has extensive professional experience in the development of privacy policies and procedures, the definition of performance metrics to evaluate privacy maturity, and the evaluation of compliance. He has extensive experience with PCI DSS and Safe Harbor and has deep subject matter knowledge surrounding key laws and regulations regarding consumer privacy and information security.

Throughout his career Bob has worked with computer applications and business practices that guard personal information. In addition to developing these systems, he trained employees to use them properly and efficiently. As the collection of personal information has increased, he has developed new approaches to help his organizations protect their sensitive data (both electronic and paper-based).

Bob is a Certified Information Privacy Professional, awarded from the International Association of Privacy Professionals, with concentrations in US Law (CIPP/US), European Law (CIPP/E), and Canadian Law (CIPP/C). He is also a Certified Information Privacy Manager (CIPM) and a Certified Information Privacy Technologist (CIPT). He is a member of the IAPP faculty and has served on the Certification Advisory Board for its Certified Information Privacy Manager (CIPM) program as well as the Publications Advisory Board. He was also recently awarded as a “Fellow of Information Privacy” by the IAPP.

Most recently, Bob served as senior manager of Worldwide Privacy and Compliance for Staples, Inc., where his responsibilities included development, awareness, and compliance of global privacy-related policies and procedures for more than 60 business units in 26 countries.

A seasoned program management expert, Bob has a long record of accomplishments in business planning, information privacy, sales support, customer support, application development, and product management. He has helped executive teams convert strategic plans into programs with well defined, measurable outcomes. He also has created realistic program schedules and budgets, resolved critical path issues, managed risks and delivered results consistently on time and within budget.

Bob can be reached at bob.siegel@privacyref.com.

The opinions expressed in this blog are those of Bob Siegel and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

The privacy legacy of Edith Marcus

How can you predict the costs of a data breach for your company?

How can you predict the costs of a data breach for your company?

A common fear of privacy officers is a data breach, the unauthorized acquisition or processing of personal information that is maintained by an organization. When I discuss data breaches, the question of the impacts to tan...

Top 5 privacy initiatives for your team in 2017

Top 5 privacy initiatives for your team in 2017

What should a privacy team do to get ready for 2017? 2016 was a year of realignment for privacy. To name just a few of the events, data breaches continued (both large and small scale), U.S. privacy breach notification laws were...

How voice recognition will affect privacy in the Internet of Things

How voice recognition will affect privacy in the Internet of Things

An Internet of Things (IoT) device using voice recognition requires the collection and interpretation of sounds. These sounds may extend far beyond the voice commands being given and cannot avoid being captured. How sound is captured...

How businesses address death, privacy and data quality

How businesses address death, privacy and data quality

I recently received a reminder from a social network to reach out to a friend who died several years ago. The reminder got me to thinking about how we, as a business community, should consider treating personal information when we...

Start up your privacy awareness program: Events

Start up your privacy awareness program: Events

Holding events can be a effective cornerstone of any good awareness program. To keep privacy top-of-mind between annual trainings, awareness programs use informal, unscheduled mechanisms to remind your staff about protecting personal...

Start up your privacy awareness program: posters

Start up your privacy awareness program: posters

Every comprehensive privacy program includes a formal training component. In person classes, computer-based training and webinars are some of the ways to fill this need. Formal privacy training most often occurs once a year. However,...

What is the difference between privacy and security?

What is the difference between privacy and security?

Understanding the difference between privacy and security will explain why a privacy program is dependent upon a security program, thereby making a cooperative, interdependent relationship between the teams (and the Chief Privacy...

Privacy policy or privacy notice: what's the difference?

Privacy policy or privacy notice: what's the difference?

Is there a difference between a privacy policy and a privacy notice? Some of the confusion comes from a company’s description of their privacy practices on their website being called a privacy policy. Some people ask, “Isn’t the...

Phishing for W-2s

Phishing for W-2s

Recently, companies have been receiving requests to send a copy of their W-2s as part of a phishing scheme. How would your organization respond? Some old school, common sense approaches can prevent your staff from releasing personal...

Privacy and operational alignment

Privacy and operational alignment

To be effective, a privacy program needs to be aligned with business goals and objectives as well how those objectives are being met through the organization's daily operations.

Happy Data Privacy Day

Happy Data Privacy Day

Data Privacy Day provides an opportunity for you to re-enforce the themes of “Respecting Privacy, Safeguarding Data and Enabling Trust” within your organization to improve privacy awareness. The result is that you will increase your...

Load More