Tom Fox chats with Russ Berland about how his certification in privacy has facilitated him in his role as CCO.
Another Form Of Risk Management
A number of Russ’ clients needed to address privacy issues; however, the available resources were mostly European. He gained the Certified Information Privacy Professional certification so that he could meet the market need. Russ says that he looks at privacy as another form of risk management. We need to create a framework to comply with privacy laws, as well as investigate any potential violation.
Russ comments that privacy laws in the US are not as comprehensive as the EU’s GDPR. Privacy is generally seen as consumer protection in the US, while it is considered a human right in the EU.
Meeting State Standards
Tom comments that there is no national privacy law in the US at this point. He asks Russ how Aventiv thinks through crafting a privacy policy that might potentially have to satisfy 50 different state privacy laws. At present, Russ says, nine states have created privacy laws. Aventiv’s strategy is to meet the most stringent standards, and make that the national standard. Usually if you meet California’s standards, you can comply with the other states. Russ is pleased with Aventiv’s willingness to embrace compliance as a driver of their company culture.
Resources
IAPP.org