The COVID-19 pandemic's impact on the world has been well-documented by now, and it will likely be years for industries to recover from the drastic disruptions they encountered in 2020.
However, privacy has been one of the few exceptions. As work, school and health care appointments shifted to digital, a whole new slate of privacy issues emerged. Because of this shift, privacy professionals continued to be in demand even as other industries scale back their hiring practices. Regardless of the trajectory of the pandemic in 2021, don't expect any of these hiring trends to go anywhere soon.
One of the reasons why privacy professionals were targeted by organizations, particularly in the U.S., was due to the Health Insurance Portability and Accountability Act. TRU Staffing Partners Founder and CEO Jared Coseglia said organizations were not prepared to pay increased attention to HIPAA requirements as they collected more health information from employees.
Coseglia added this heightened focus on HIPAA led to a particularly strong surge in hiring privacy professionals who knew their way around the law.
"Just augmented HIPAA expertise, whether it was in full-time hiring or contract augmentation, has been a huge component of privacy growth and specifically in what we call the health care tech segment, that has been the busiest intersection of job opportunities over the last years," Coseglia said during an IAPP LinkedIn Live. "Health care tech companies see opportunity. They are ramping up quickly. They are hiring from the top down in 2020 at the (chief privacy officer) level."
Privacy professionals in this situation occupy roles that perhaps did not exist prior to the pandemic and, as a result, will have to bring in more people to take on additional tasks. Coseglia said these high-level privacy professionals are, in turn, going to hire middle management staff directors, regional managers of privacy and entry-level privacy professionals in the year ahead.
Coseglia has seen this trend start to show itself in the first quarter of 2021 but expects it to grow "aggressively" in the second and third quarters of the year.
Even when the pandemic winds down, a fair number of employees are likely going to continue working remotely, with some companies likely to eschew in-person operations altogether.
There is no reason to expect privacy to be any different. In fact, Coseglia said the number one "candidate motivator" in 2019 was flexibility with remote work. This was, of course, one year before "coronavirus" became branded into the collective lexicon.
Companies that don't embrace even a small level of remote working may find themselves struggling to keep staff on board, and Coseglia warns they will change their tune in due time.
"The companies that are saying, 'Everybody has to come back to the office, that’s how we’re most productive, we are going right back to the way it was,' are going to find themselves probably about-facing in another six to 24 months because they are going to lose people," Coseglia said. "Their talent is not going categorically embrace that."
Forrester Research Senior Analyst, Security and Risk Enza Iannopollo, CIPP/E, echoed similar sentiments. Iannopollo said research conducted by Forrester has shown employees across the globe want some ability to work from home, and companies are starting to take notice.
"l am witnessing a number of cases in which employers are looking at ways of making policies that include flexible working," Iannopollo said. "It might be for maybe 20% of their employees, but then we have heard of companies that have said 100%. Now I think a number between 20% and 30% of workers working from home or working more flexibly is something that is realistically happening."
An increased emphasis on remote employment has not only made the hiring process faster, but also more inclusive. With more organizations open to hiring remotely, Coseglia said a chief privacy officer could be chosen from any state in the U.S., and with video calls replacing in-person interviews, the hiring process can go from weeks to as little as 48 hours. Coseglia advises companies to move quickly when identifying a qualified candidate for a privacy role as competitors have every opportunity to poach a potential employee in the blink of an eye.
Of course, it's important to note this is primarily through a U.S. lens. Organizations around the world may not have the luxury of hiring anyone from anywhere. As the U.S. does not have strict rules on transborder data transfers and data localization compared to other parts of the world, the hiring experience for others may not be a one-to-one experience.
"Clients in Germany may not have the option of hiring somebody in Switzerland to handle the data that needs to be handled in Germany," Coseglia said. "Whereas in the United States, for someone in Seattle or Wichita, Kansas, it may not make any difference in terms of touching data, data transfers, accessing data and being able to actually do the job. In Europe and in other parts of (the Asia-Pacific region), it does."
There are also cultural differences in how remote employment is viewed.
Coseglia said his European clients, in particular, value the opportunity to work in the office. While working from home may be viewed as an advantage in the U.S., Coseglia said Europeans want to maintain a strong balance between work and home. Iannopollo did point out, however, that Europeans who responded to Forrester's research expressed positive sentiments to remote employment.
The pandemic has also catalyzed one other major change to the privacy job market, and it remains to be seen whether it will carry over to the years ahead. Coseglia said 56% of privacy professionals TRU Staffing Partners placed in 2020 were in contract positions. It was the first time in his company's history it filled more contract roles than full-time positions.
Part of this shift may be due to the evolution of the privacy role.
Iannopollo calls privacy a "multifunctional discipline," which requires a privacy professional to interact with the IT, governance and security team to help them understand compliance requirements. Should the privacy role continue its metamorphosis, the person brought in to facilitate those relationships may not need to be on staff full-time.
"They need the specific expertise, and maybe it’s not someone who is going to stay there forever. Maybe it’s someone who has to serve a specific task at a specific time," Iannopollo said. "I do see the expertise in privacy evolving and becoming more specific in some areas, and I think that is also playing into the need for shorter contracts to fill those roles."
Contract roles may have experienced a surge in popularity during the COVID-19 pandemic, but Coseglia does not expect employers to send those employees on their way when the allotted time ends. The last year has shown privacy professionals are sorely needed in a post-pandemic world.
Full-time privacy professionals are not going anywhere. The process to get there is now just a little different.
"Do I see a ton of full-time entry-level positions? No, a lot of those mid- and entry-level positions are going to be contract, but a lot of them are going to be contract-to-hire, and as people come into organizations and prove themselves, companies will try to keep them and retain them and convert them into full-time," Coseglia said.
Photo by Tim Mossholder on Unsplash
If you want to comment on this post, you need to login.