privacy istock warchi 2

The Chief Privacy Officer is emerging an important role in some organisations and sectors. How enterprises are handling confidential information has become vitally important at data-centric businesses. With companies facing large fines because of data breaches, as well as suffering a blow to their reputation and eroding their trustworthiness in the eyes of the public, these issues are exacerbated.

In 2017, the UK government said that 46% of businesses in the UK had suffered a cyber attack targeting data. In the same year, the UK government announced that companies could face fines of up to £17 million for failing to protect themselves against cyber attacks.

The role of the CPO is particularly relevant in a time when UK companies are preparing to become compliant with the EU's General Data Protection Regulation (GDPR) ahead of the May 25 deadline.

Chief Privacy Officer role and job description - What do Chief Privacy Officers do?

The role of a Chief Privacy Officer (CPO) is primarily associated with designing and implementing a company's privacy policy in regards to all the data gathered from staff and clients, in compliance with any applicable federal and national laws. The role is focused on protecting any confidential information held by the company and avoiding any form of unauthorised access or information breaches.

The CPO should have a deep understanding of the operations of a company and their data objectives. This will allow the company to tread the line between gaining the maximum use from data while not upsetting clients or the general public.

The daily operations associated with the role include developing, implementing and maintaining policies, as well as monitoring compliance across multiple departments and looking into any cases of information mishandling. They are also charged with communicating the organisation's overall strategy and individual policies in relation to privacy to both employees and clients of the organisation.

Their role is integrated into the workings of the general office and they will often be consulted about security concerns before the launch of a new project or product. They may also have to mediate when it comes to disputes over how data is used by different departments.

"Most of my time right now is spent in operational meetings, because we're preparing to notify all the cardholders of our privacy policy," says Mark Lawrence, IT director and CPO of US-based CompuCredit Corp. "My role is to facilitate. They're trying to determine if the privacy notices will go out with the regular monthly credit-card bills, or in a separate mailing and whom to notify pursuant to the law."

Depending on the industry, some of the data the CPO could be tasked with protecting could include financial information such as credit card details, health records or employee information.

Who do they work with?

CPO is a leadership role within privacy compliance. They will work closely alongside other senior management executives, particularly the Chief Information Officer (CIO), Chief Compliance Officer (CCO), Chief Security Officer (CSO) and the Chief Data Officer (CDO).

Chief Privacy Officer salary - How much do do Chief Privacy Officers get paid?

A 2015 IAPP survey or US organisations found that the average salary of a CPO was $177,382, while Payscale puts it at $154,331 per year.