Chief privacy officer

The Chief Privacy Officer (CPO) is a senior level executive within a growing number of global corporations, public agencies and other organizations, responsible for managing risks related to information privacy laws and regulations.[1] Variations on the role often carry titles such as "Privacy Officer," "Privacy Leader," and "Privacy Counsel."[2] However, the role of CPO differs significantly from another similarly-titled role, the Data Protection Officer (DPO), a role mandated for some organizations under the GDPR, and the two roles should not be confused or conflated.[3][4]

The CPO role was a response to increasing "(c)onsumer concerns over the use of personal information, including medical data and financial information along with laws and regulations."[5] In particular, the expansion of Information Privacy Laws and new regulations governing the collection and use of personal information, such as the European Union General Data Protection Regulation (GDPR), has raised the profile and increased the frequency of having a senior executive as the leader of privacy-related compliance efforts.[6] In addition, some laws and regulations (such as the HIPAA Security Rule) require that certain organizations within their regulatory scope must designate a privacy compliance leader.[7][8]

  1. ^ "The New Terminology for Privacy". The New York Times. 10 April 2019. Retrieved 2019-05-23.
  2. ^ "Full Report: Benchmarking Privacy Management and Investments of the Fortune 1000". www.iapp.org. Retrieved 2019-05-23.
  3. ^ Coseglia, Jared (3 January 2019). "Coffee with Privacy Pros: DPO vs. CPO. Lawyer vs. Technician. The Dualities of Privacy". CPO Magazine. Data Privacy Asia Pte. Ltd. Retrieved 26 May 2019.
  4. ^ "Chief privacy officers may not be eligible to serve as data protection officers under the GDPR, says expert". Out-Law.com. Pinsent Masons LLP. 7 September 2017. Retrieved 26 May 2019.
  5. ^ "Chief Privacy Officer | DefineFinance". www.definefinance.com. Retrieved 2015-10-31.
  6. ^ Tittel, Ed (6 June 2018). "Gearing up for GDPR certification: Only a few good options". Hewlett Packard Enterprise. Hewlett Packard Enterprise Development LP. Retrieved 24 August 2019.
  7. ^ "Summary of the HIPAA Security Rule". US Department of Health and Human Services (HHS). Retrieved 25 May 2019.
  8. ^ "HIPAA Privacy Officer Responsibilities". Compliancy Group. Retrieved 24 May 2019.