New York Life Names Chief Privacy Officer

New medical rules may prompt more such appointments

By Maria Trombly

April 23, 2001 12:00 PM ET

Recommended

Computerworld - New York Life Insurance Co. last week joined the likes of American Express Co. and Providian Financial Corp. by naming a chief privacy officer (CPO) to uphold privacy standards and procedures.

CPO Duties

A chief privacy officer’s responsibilities include:

Tracking pending legislation

Staying up-to-date on new technologies

Ensuring, via direct contact with senior managers, that his company’s strategic efforts are in alignment with legal and technical developments

Source: Survey by PricewaterhouseCoopers, New York.

The new CPO, Thomas Warga, is a senior vice president at New York Life. He's also in charge of audit and compliance activities, as well as the office of business conduct.

New York Life, a Fortune 100 company, is one of the largest insurers in the country. It recently revised its privacy policy to meet new federal and state privacy laws and will mail copies of the updated policy to customers and subsidiaries later this month. Warga said the company's previous privacy policy was only an internal document.

Warga said he was picked for the job because his experience in auditing and compliance has given him an enterprisewide perspective.

"Also, over the years, I've been able to develop contacts and working relationships with all the managers of all the business units," he said.

Those contacts include relationships with IT managers.

Warga said he plans to work closely with the chief information security officer, who reports to the CIO, to ensure that the security and privacy policies complement and support each other.

There are now between 200 and 300 CPOs in the U.S., according to Alan Westin, head of the Association of Corporate Privacy Officers in Hackensack, N.J. That number may jump to the thousands in the next couple of years, he said.

"Under the Health Insurance Portability and Accountability Act, every entity covered must designate an official to develop and implement privacy policies," said Westin. "That's 60,000 entities."

In Europe, where privacy standards are stricter than in the U.S., there are already thousands of privacy officers; for example, there are 2,000 data protection officers in Germany and 1,200 in Sweden, Westin said.

Privacy proponents have warned, however, that the recent wave of corporate CPO appointments shouldn't distract the nation from the need for even stricter privacy laws.

"What good does a chief privacy officer do if there are no laws?" asked Edmund Mierzwinski, consumer program director at the U.S. Public Interest Research Group in Washington. "The laws we have aren't good enough, particularly in the insurance business."

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Financial

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.