Chief Privacy Officer

The Chief Privacy Officer (CPO) is a senior level executive within a United States based business or organization. "Consumer concerns over the use of personal information, including medical data and financial information along with laws and regulations", is one of the key reasons that the CPO role exists, as this was introduced to help keep personal information safe.

There is legislation in different sectors concerning the use of personal information. For example, in medical industry, the protection of patient medical records (e.g. The Health Insurance Portability and Accountability Act of 1996, or HIPAA). Another example is in the finance sector with the safeguarding of consumer financial and banking transactions (e.g. The Fair Credit Reporting Act and its Disposal Rule, and the Gramm-Leach-Bliley Act and its Safeguards Rule and Financial Privacy Rule).

In the United States, the position of chief information officer was first established at Acxiom Corporation in 1991 with the appointment of Jennifer Barrett as CPO, with the second appointment of CPO at the Internet advertising firm AllAdvantage in August 1999, when it appointed privacy lawyer Ray Everett-Church to the newly created position, starting a trend that quickly spread among major corporations, both offline and online. The role of the Chief Privacy Officer was solidified within the U.S. corporate world in November 2000 with the naming of Harriet Pearson as Chief Privacy Officer for IBM Corporation. That event prompted one influential analyst to declare, "the chief privacy officer is a trend whose time has come."

By 2001, the non-profit research organization Privacy and American Business reported that a significant number of Fortune 500 firms had appointed senior executives with the title or role of Chief Privacy Officer. The growth of the Chief Privacy Officer trend was further fueled by the European Union's passage in the late 1990s of data privacy laws and regulations that included a requirement for all corporations to have an individual designated to be accountable for privacy compliance.

By 2002, the position of Chief Privacy Officer and similar privacy-related management positions were sufficiently widespread to support the creation of professional societies and trade associations to promote training and certification programs. In 2002 the largest of these organizations, the Privacy Officers Association and the Association of Corporate Privacy Officers, merged to form the International Association of Privacy Officers, which was later renamed the International Association of Privacy Professionals (IAPP). The IAPP holds several conferences and training seminars each year around the world, hosting association members from major global corporations and government agencies, with executives seeking certification programs in privacy management practices.

...
Wikipedia