So you want to be a privacy pro?
Computerworld - It's an increasingly familiar scene: The IT manager lingers after a meeting with the chief privacy officer (CPO) to see how he, too, can become involved in privacy, the defining issue of the Information Age. Why is this happening in my company and others? Probably because IT pros know better than anyone how personal data needs to be protected, and they're motivated to make things right. But before you make the big leap from IT to privacy, run through this checklist to see if the move is right for you.
Step 1: Find out if you'd actually like the daily tasks.
The mission to protect people's privacy can be very inspiringbut the reality within your company may be quite different. The privacy function where I work encounters a great variety of challenges because we operate in many industries and countries. But if your company serves a single industrysuch as finance or health careand you have offices only in North America, your job may be limited to routine compliance tasks that are more distant from the mission of protecting people's privacy.
What makes up the daily life of a privacy professional? The best sources of information on the profession are the International Association of Privacy Professionals (IAPP) and the Ponemon Institute. Their 2005 joint survey discovered that privacy officers spend roughly half their time on three activities: responding to incidents, developing and implementing policies, and advising the organization on proper privacy practices. (For a breakdown of the results, see the table below.) Go to page 2>>
Privacy Professional Key Duties
Managers involved in IT governance may find several familiar tasks in a privacy job, but some tasks such as analyzing privacy regulations and providing privacy consulting to the company are likely to be new territory.
% of total time
Responding to incidents
Developing and implementing policies and guidance
Advising/consulting the organization
Administration (personnel and budget)
Developing and performing training and communications
Developing privacy strategies
Performing risk assessments and data inventories
Monitoring and measuring compliance (enforcement)
Reporting to management
Source: International Association of Privacy Professionals and the Ponemon Institute's 2005 survey of 224 privacy professionals
Step 2: Find out if you'd have direct C-level support.
Everybody wants top-level support for their projects. But for a function as new and undefined as privacy, it's essential. Without it, you could easily find yourself in a career cul de sac, spending years in the bureaucratic wilderness without meaningful results. How can you tell if privacy is valued by your company?
First, look at who the privacy leader reports to. Ideally, it's directly to the CEO, so that the privacy perspective has an equal and independent voice in the boardroom. It's still a strong sign if privacy reports to a C-level board member.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Future Focus: What's Coming in Enterprise Mobility Management (EMM) Find out why Enterprise Mobility Management (EMM) solutions that are truly future-ready must be designed to enable Machine-to-Machine (M2M) capabilities and much more.
- The CIO's Guide to Enterprise Mobility Management (EMM) This guide will help those making an EMM platform decision make the best choice for their organization.
- Yankee Group: BlackBerry Results Refute Rumors of its Demise Yankee Group: BlackBerry® is stronger than the press makes it out to be.
- Your New EMM Platform: How to Streamline the Migration Smartphone migration can be resource-intensive and challenging. Find out how outsourcing the process can save significant time and money.
- Live Webcast Increasing the Value of Your Reports and Dashboards Learn how incorporating other analytical capabilities such as predictive modeling and visualization can increase the value of your reports and dashboards by providing...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information...
- Increasing the Value of Your Reports and Dashboards Learn how incorporating other analytical capabilities such as predictive modeling and visualization can increase the value of your reports and dashboards by providing... All Management White Papers | Webcasts