![Default Article Featured Image_laptop-newspaper-global-article-090623[95].jpg](https://images.contentstack.io/v3/assets/bltd4dd5b2d705252bc/blt61f52659e86e1227/64ff207a8606a815d1c86182/laptop-newspaper-global-article-090623[95].jpg?width=3840&quality=75&format=pjpg&auto=webp)
The findings of Ernst & Young’s "
" have been released, and the message is clear: organizations expect to invest more in efforts to protect personal information—including hiring more privacy professionals.
“In an increasingly borderless business environment, protecting personal and professional information is a paramount concern,” explains Sagi Leizerov, CIPP, executive director and leader of Ernst & Young’s Privacy Assurance and Advisory services. “Protecting personal information needs to be an ongoing focus across the organization and no longer an afterthought. There needs to be a series of thoughtful and strategic policies that embed privacy protection into new technologies and business practices from the beginning, which will ultimately lead to enhanced business performance.”
Ernst & Young’s report predicts that to accommodate that growth, the number of individuals seeking privacy certifications will increase in the year ahead. As an
report points out, the study results show that organizations plan to allocate more funding in the year ahead toward hiring "highly skilled certified privacy professionals and invest in technical controls that monitor and manage external attacks and internal leaks from within the organization.”
“For example, Ernst & Young in the U.S. has added Certified Information Privacy Professional (CIPP) as one of the possible professional certifications an employee has to earn to be promoted in our advisory practice,” Leizerov notes.
Britton N. Murray, senior privacy counsel for Hilton Worldwide, highlights an example of just how that comes into play in a real-world scenario.
“We’re adding staff this year, primarily to ramp up our capacity to support Hilton Worldwide's global development and push privacy impact assessments further out into the organization,” Murray explains. “This will be a combination of hiring in the Privacy Office, and also raising the level of privacy expertise across business areas. New hires in the Privacy Office will either have the CIPP certification or will be required to obtain it soon after their arrival. We’re also identifying team members in the business who we’ll encourage to obtain CIPP certifications, and the Privacy Office would pay for that.”
The Ernst & Young report indicates that, in addition to professionals focusing solely on privacy, many employees whose roles impact the organization’s use of personal information will become increasingly savvy about privacy risk and compliance matters, with expectations that IT, audit, legal and marketing professionals will be adding privacy education to their career development.
“New technologies associated with mobile communication, social networking and cloud computing have erased the boundaries of how we do business today, but while these new technologies provide tremendous opportunities, they also present new privacy risks for organizations and employees alike,” Leizerov explains.
This year, he stresses, is likely to be marked by a "fundamental shift" in the way organizations approach privacy protection.
"Organizations can no longer ignore the importance of protecting against external or internal threats," Leizerov says, "and must understand that data breaches will not only result in financial penalties but can also severely damage a company’s brand and reputation.”
