Chief privacy officer
Encyclopedia
The Chief Privacy Officer (CPO) is a senior level executive within a business or organization who is responsible for managing the risks and business impacts of privacy laws and policies. The CPO position is relatively new and was created to respond to both consumer concern over the use of personal information, including medical data and financial information, and laws and regulations, including, but not limited to, legislation concerning the protection of patient medical records (e.g., The Health Insurance Portability and Accountability Act of 1996, or HIPAA) and the use and safeguarding of consumer financial and banking transactions (e.g., The Fair Credit Reporting Act
and its Disposal Rule, and the Gramm-Leach-Bliley Act
and its Safeguards Rule and Financial Privacy Rule).
The position was first established at the Internet advertising firm AllAdvantage
in August 1999, when it appointed privacy lawyer Ray Everett-Church
to the newly created position, starting a trend that quickly spread among major corporations, both offline and online. The role of the Chief Privacy Officer was solidified within the U.S. corporate world in November 2000 with the naming of Harriet Pearson as Chief Privacy Officer for IBM Corporation
. That event prompted one influential analyst to declare, "the chief privacy officer is a trend whose time has come."
By 2001, the non-profit research organization Privacy and American Business reported that a significant number of Fortune 500
firms had appointed senior executives with the title or role of Chief Privacy Officer. The growth of the Chief Privacy Officer trend was further fueled by the European Union's passage in the late 1990s of data privacy laws and regulations that included a requirement for all corporations to have an individual designated to be accountable for privacy compliance.
By 2002, the position of Chief Privacy Officer and similar privacy-related management positions were sufficiently widespread to support the creation of professional societies and trade associations to promote training and certification programs. In 2002 the largest of these organizations, the Privacy Officers Association and the Association of Corporate Privacy Officers, merged to form the International Association of Privacy Officers, which was later renamed the International Association of Privacy Professionals
(IAPP). Today the IAPP holds several conferences and training seminars each year around the world, hosting thousands of association members spanning hundreds of major global corporations and government agencies, with hundreds of executives seeking certification programs in privacy management practices.
Fair Credit Reporting Act
The Fair Credit Reporting Act is a United States federal law that regulates the collection, dissemination, and use of consumer information, including consumer credit information. Along with the Fair Debt Collection Practices Act , it forms the base of consumer credit rights in the United States...
and its Disposal Rule, and the Gramm-Leach-Bliley Act
Gramm-Leach-Bliley Act
The Gramm–Leach–Bliley Act , also known as the Financial Services Modernization Act of 1999, is an act of the 106th United States Congress...
and its Safeguards Rule and Financial Privacy Rule).
The position was first established at the Internet advertising firm AllAdvantage
AllAdvantage
AllAdvantage was an Internet advertising company that positioned itself as the world’s first "infomediary" by paying its users/members a portion of the advertising revenue generated by their online viewing habits...
in August 1999, when it appointed privacy lawyer Ray Everett-Church
Ray Everett-Church
Ray Everett-Church , is an American attorney, entrepreneur and author. He was dubbed "the dean of corporate Chief Privacy Officers" by Inter@ctive Week magazine, first creating that title and position in 1999 at online marketing company AllAdvantage...
to the newly created position, starting a trend that quickly spread among major corporations, both offline and online. The role of the Chief Privacy Officer was solidified within the U.S. corporate world in November 2000 with the naming of Harriet Pearson as Chief Privacy Officer for IBM Corporation
IBM
International Business Machines Corporation or IBM is an American multinational technology and consulting corporation headquartered in Armonk, New York, United States. IBM manufactures and sells computer hardware and software, and it offers infrastructure, hosting and consulting services in areas...
. That event prompted one influential analyst to declare, "the chief privacy officer is a trend whose time has come."
By 2001, the non-profit research organization Privacy and American Business reported that a significant number of Fortune 500
Fortune 500
The Fortune 500 is an annual list compiled and published by Fortune magazine that ranks the top 500 U.S. closely held and public corporations as ranked by their gross revenue after adjustments made by Fortune to exclude the impact of excise taxes companies collect. The list includes publicly and...
firms had appointed senior executives with the title or role of Chief Privacy Officer. The growth of the Chief Privacy Officer trend was further fueled by the European Union's passage in the late 1990s of data privacy laws and regulations that included a requirement for all corporations to have an individual designated to be accountable for privacy compliance.
By 2002, the position of Chief Privacy Officer and similar privacy-related management positions were sufficiently widespread to support the creation of professional societies and trade associations to promote training and certification programs. In 2002 the largest of these organizations, the Privacy Officers Association and the Association of Corporate Privacy Officers, merged to form the International Association of Privacy Officers, which was later renamed the International Association of Privacy Professionals
International Association of Privacy Professionals
The International Association of Privacy Professionals , headquartered in Portsmouth, New Hampshire, is a global association of privacy and security professionals. With more than 9,000 individual and corporate members in 73 countries, the IAPP seeks to define, promote and improve the profession of...
(IAPP). Today the IAPP holds several conferences and training seminars each year around the world, hosting thousands of association members spanning hundreds of major global corporations and government agencies, with hundreds of executives seeking certification programs in privacy management practices.
See also
- Privacy Office of the U.S. Department of Homeland SecurityPrivacy Office of the U.S. Department of Homeland Security- Privacy Office Overview :Created by Congress in 2002, the DHS Privacy Office is the first statutorily required privacy office in any federal agency, whose mission is to preserve and enhance privacy protections for all individuals, to promote the transparency of Department of Homeland Security ...
- Chief Privacy Officer, Department of Homeland SecurityChief Privacy Officer, Department of Homeland SecurityChief Privacy Officer, Department of Homeland Security is an appointed position within the United States Department of Homeland Security, which is part of the federal government of the United States in the United States.- Dual Title :...