The Privacy Gold Rush
September 19, 2017 by Bill Rosenthal

By Alyssa Rosinski, Global Business Development Director, IAPP

I have a confession to make: I am not a privacy professional. If you’re looking to write your privacy policy or conduct a privacy impact assessment, I know of 31,000 privacy pros who could help you with that. What I can help you with is sharing the business case for why privacy should be top of mind for you and your clients.

Six years ago when I joined the IAPP and told people where I worked, I got nothing but blank stares. I would give the example of signing your HIPAA forms at the doctor’s office for anyone to understand the general concept of privacy, but the conversation pretty much stopped there. Today this conversation takes a whole new direction: Edward Snowden, the Target breach, the Home Depot breach, Ashley Madison–the list of recent events that thrust privacy into the spotlight goes on, waking up companies and consumers in a way they never needed to before.

Maybe you saw the Equifax news? 

I’m not telling you something you don’t already know, but we live in a digital economy and data is the currency. Companies across the globe have troves of consumer data that they collect and use (or, oftentimes, collect but don’t use) to analyze, segment, and target their customers, hoping to give a better customer experience. But that same data, without the appropriate privacy controls and considerations, is also a risk. Companies can no longer turn a blind eye to privacy and data protection–those who do stand to lose consumer trust, loyalty, and brand reputation, as well as a great deal of revenue. Not one company over the past six years has told me those three aspects aren’t crucial to their business. As a matter of fact, what I have seen is the elevation of privacy from something that “companies should pay attention to” to “a C-Suite priority.” 

No company wants to risk being tomorrow morning’s news, of course, but the real driver for privacy is the potential privacy unlocks. A great privacy and data governance program helps you monetize your data holdings without fear of regulatory reprisal. You’ve probably heard that “data is the new oil.” Well, not having a privacy program is a lot like not bothering to drill a well.

So how are companies investing in privacy? We’ve seen a rapid rise in technology vendors helping privacy professionals implement technology solutions throughout the enterprise. Privacy budgets are increasing, and so are the number of people responsible for implementing privacy practices. As more and more employees touch data in their jobs, having a solid understanding of what you can and can’t do with your customer’s PII (personally identifiable information) has become one of the best risk-mitigation and opportunity-discovery tools. Companies all over the world have used the IAPP’s privacy training and certification program, globally recognized as the gold standard, to get their employees up to speed in a hurry. 

Six years ago when I joined the IAPP, we were just about to reach our 7,000th member. Today, we have more than 31,000 members in 100+ countries doing the work of privacy professionals. If I were a betting woman (second confession: I’m so not a gambler) I would place all my chips on privacy. The rate of innovation, the seemingly infinite amount of data generated each day, and the need to manage and protect this data puts the privacy profession on a growth trajectory unlike anything we’ve seen in recent years.

Find out more by attending the International Association of Privacy Professional’s (IAPP) session “Importance of Data Privacy” at LO-CON17 on October 18 and 19 at the Westin Baltimore Washington Airport–BWI. Register now at www.lo-con.com before September 25th and review other attention-grabbing sessions planned at the conference!