What are the Qualifications for a Chief Privacy Officer
The job market in Information security and data privacy has never been hotter. Privacy experts are in top demand because virtually every organization works with personal information - about its employees, its customers, and its vendors - that must be protected. Chief Privacy Officers can have very different backgrounds, but they all have one thing in common; a passion for privacy
Chief Privacy Officer's education
A Chief Privacy officer should have at least a bachelors degree, and preferably a Masters degree, law degree, or ph.D. While there is no one category of study that makes a person well suited to be a good Chief Privacy officer, there are areas of study that are helpful to a career in privacy. Individuals with degrees in Law, Law Enforcement, Finance, Information Technology, Information Security, and Information Risk Management will find the learning curve less steep than others.
Chief Privacy Officer's experience
How much experience you will require of a candidate for the Chief Privacy Officer position will depend on the responsibilities this individual will be expected to undertake upon being hired. A company that collects only limited personal information of its own employees does not really need to hire a full-time Chief Privacy Officer; such a company could combine a part-time privacy officer role with a role as assistant general counsel or information security auditor.
The more sophisticated the type of information your organization maintains, the greater should be your Chief Privacy Officer's level of experience. An organization that deals with financial information, payment card information, and healthcare information should seek an experienced Chief Privacy officer who has dealt with similar issues in previous jobs and can bring that experience to the table when a breach or suspected breach occurs.
Chief Privacy Officer's certifications
The International Association of Privacy Professionals offers several privacy certifications for all types of privacy workers. At a minimum, a candidate for a Chief Privacy Offer position should hold a CIPP, CAPP, or CAPA designation. Additional certifications are avaialble for IT and medical professionals.
Requiring that a Chief Privacy Officer hold a certification guarantees that the individual is indeed a subject matter expert in the field of information privacy because of the rigorous certification process and ongoing requirements for continuing education.
Other desirable qualities
A Chief Privacy Officer should have a working knowledge of the current issues in the privacy world: cross-border transfers of information; requirements for getting parental consent before collecting information from children under 13; data security standards set by the payment card industry, and the like. The best candidate should also have the social skills needed to get key stakeholders in the organization to provide the resources and funding necessary to implement an effective enterprise wide privacy strategy.
In summary, a successful candidate for the position of Chief Privacy Officer will be a well-rounded individual with suitable qualifications, certifications, and experience. A Chief Privacy Officer should have a good understanding of the privacy laws that impact the industry at hand and must have the influencing skills needed to ensure that the privacy function is adequately staffed and funded.
