How does your organization title its privacy leaders?

iAPP.org states that the title an organization used to denote its privacy leaders may tell a lot about its approach to privacy. They state the most popular 5 terms are;

1) Privacy Officer

2) Chief of Privacy, or Chief Privacy Officer

3) Counsel

4) Security Director

5) Vice President of Privacy

So you have a privacy leader, where do they fit within your organization?

While iAPP states there is no standard organization structure for privacy across organizations, Natuvion’s GDPR or transformation projects have consistently worked with 3 business functions; a legal or DPPO team, business analyst team and technical team (IT). The GDPR project itself was driven by Legal or a DPPO [Data Protection and Privacy Office], with each function running a sub-project for their related actions.

So you have a privacy leader, do you have privacy vision?

A privacy mission statement or vision document has the goal of communicating your company’s privacy position to all stakeholders and is always used in company wide education too.

Elements of a privacy vision

1) Value or privacy to the organization

2) Organizational objectives

3) Strategies to achieve intended outcomes

4) Roles and responsibilities - for example, only trained and authorized employees will have permission to work with personal data.

The Value of iAPP


The International Association of Privacy Professionals (IAPP) is the largest and most comprehensive global information privacy community and resource, helping the Natuvion team develop and advance their careers and help our customers manage and protect their data.  

At Natuvion, we are committed to providing a forum for our privacy and data consultants to be certified in and keep up to date with best practices, track data and privacy trends, data protection, information auditing, information security, legal compliance and/or risk management to ensure we are meeting the needs of our clients.