Expand mobile version menu

Chief Privacy Officer  What They Do

Just the Facts


Insider Info

dot Chief privacy officers (CPOs) are information managers. This is a young profession that's growing fast as the power of technology to capture -- and misuse -- personal information grows.

dotChief privacy officers make sure that their company or organization handles data in a way that works with the law as well as the needs of customers and employees.

You'll find chief privacy officers in government, nonprofit organizations and private companies. They coordinate all activities that have implications for privacy. They are constantly monitoring an organization's products, services and systems to ensure the use of proper privacy practices.

dot Being able to understand policy and legislation is essential for this career.

"It's the ability to kind of read and interpret policy," says Bruce Roney, a CPO. "And I think that is a skill. There's a certain kind of logic that comes with that -- you extrapolate from a policy and say, 'Here's what's meant in real life.'"

Chief privacy officers might conduct risk assessments, act as privacy advisors to management and staff, train other employees on privacy issues, be responsible for privacy dispute issues, make reports to company executives, or identify areas where new procedures are recommended. They might also give statements to the media or to government bodies on issues related to privacy.

dotPrivacy officers protect personal information about people. That information could include their address, phone number, social insurance number or any information that is could identify that person.

On the Internet, this information is very valuable to companies because they can know exactly who they are sending advertising material to. With the information collected, marketing companies can send highly focused marketing messages -- but there is a risk of hurting people's privacy.

A CPO must balance business and marketing needs with our need to maintain privacy. CPOs ensure that people are comfortable and have a trusting relationship with a company or organization.

"You have to be very ethical, creative, and you have to be logical," says Merri Beth Lavagnino. She's the CPO for Indiana University. "You need to be able to apply logic and make things more equal and fair," Lavagnino adds. "You need to be able to understand law, see the big picture, [and] you need to be able to influence people to want to do the right thing...

"People don't want to invade privacy, they just don't understand privacy as a field, so my job is to teach them carefully -- 'Well, you don't really want to do that because people feel that that's an invasion.'"

There are growing privacy concerns about how technology is being used to collect personal information. The Internet has made it possible to gather and exchange information very quickly. Concerns have risen to the point that governments have passed -- and are continuing to pass -- privacy laws to protect the public. CPOs must stay current with these constantly evolving laws.

At a Glance

Protect sensitive information

  • The CPO must balance the business and marketing needs of a company with the needs of users to maintain privacy
  • There is no specific educational program for this occupation
  • Training in law, marketing or technology is good