Charting course on privacy
Lauren Ervin is changing the way companies talk about data privacy. Her unique approach to forging relationships and championing privacy has supported Compass in becoming one of the most trusted brands in real estate.
In this spotlight, we share Lauren’s guidance for fellow privacy professionals working on building cross functional buy-in for privacy.
Watch
1. Set your privacy north star
To avoid an adversarial relationship between compliance and the rest of the business, privacy teams need to be understood as a true partner. Instead of colleagues reaching out only to ask for permission or fix problems, they should want to include you as a collaborator from the beginning.
Start by setting goals that deeply align with the business’ short and long term vision.
This could mean breaking up larger privacy projects into smaller and operationally attainable goals. You want your colleagues to know you’re here to help them win.
2. Nurture collaboration on privacy
When colleagues know you’re on their team, you have the opportunity to be more proactive. At Compass, stakeholders across departments meet biweekly to discuss ongoing privacy initiatives and unlock further innovation opportunities company-wide.
3. Focus on problems with a broad impact
Instead of focusing exclusively on compliance, take the time to understand each team’s needs and explore opportunities to address other’s pains while also driving the company’s privacy practice forward.
By prioritizing Data Subject Request (DSR) management as an early initiative with DataGrail, Ervin could deliver time savings to engineering, improve the customer experience for privacy requests, and strengthen her ability to monitor and report on compliance.
4. Share data intelligence
Understanding where data lives across the tech stack is a critical capability for many teams across the business. DataGrail’s automated data map can make it easy for Ervin to generate a Record of Processing Activity (RoPA), but can also provide critical inputs for InfoSec and data analytics initiatives.
5. Educate leaders on privacy risk
Instead of adopting a prohibition and privacy “policing” approach, Ervin acts as a privacy coach to her business. This means continually educating leaders on a full risk spectrum for their choices, and collaborating together to find an answer, while taking time to weigh all the pros and cons.
As the privacy landscape evolves, Ervin sees a few major challenges that privacy leaders will need to address to be successful.
- AI is here to stay. You need your colleagues to want to partner with you on AI so you can get ahead of any AI-imposed privacy risk.
- Compliance is becoming more visible for consumers. With more state privacy laws releasing every year and an increasing number of highly public privacy-related lawsuits, consumers are demanding more reassurance from companies that their privacy is protected. External-facing roles will need more education on privacy compliance so that they can help build trust with consumers.
Both of these problems will require privacy managers to get highly collaborative and strategic with their partners. Meet your team where they are, choose more efficient privacy solutions that don’t drain resources, and make privacy-by-design feel good to practice.
Ervin’s opinions are her own and not necessarily that of Compass.
Find out how DataGrail can
work for your business