Companies Strengthening Data Privacy Function

April 05, 2019

The role of Data Privacy Officer is becoming more common and often reports to a company’s legal function, according to HR Policy members. 

What members are saying: 

  • While most companies report that they have a “Data Privacy Officer,” other companies have similar functions, such as Chief Privacy Officer or Chief Data Officer.  Some companies have privacy in other functions, such as risk.

  • Most Data Privacy Officers or similar roles report to legal or a legal function.  Others report to compliance or the CHRO.  In some cases, the role is divided among different roles that work together through committees with involvement by senior leadership.  
  • Often, the Data Privacy Officer will work within a cross-functional committee or team. 

The conversation continues in Congress: Senate Commerce Committee Chair Roger Wicker (R-MS) and Sens. Brian Schatz (D-HI), Richard Blumenthal (D-CT), and Jerry Moran (R-KS) met this week to discuss a federal data privacy bill.  While nothing was decided, Sen. Moran said, “Today’s meeting keeps me in that category of being an optimist that that path can be found.”

What it means: Companies, and especially HR Policy members, often go above and beyond what is required by law in creating competitive workplaces.  However, with California’s consumer privacy data law taking effect on January 1, 2020, and Washington state poised to pass their own sweeping data privacy law, this issue will continue to gain traction in the states, potentially creating a burdensome patchwork of differing state and local requirements.  A preemptive federal law would address this problem, but it would need to differentiate in many areas the collection and handling of HR data from consumer data.