IAPP Innovation Award Winners, Privacy Leader of The Year Receive Trophies at Toronto's Hockey Hall of Fame

The IAPP Privacy Innovation Awards and the IAPP/Deloitte & Touche Vanguard Award were presented Oct. 19 during an exclusive member reception at the Hockey Hall of Fame in Toronto.

More than 30 individual organizations participated in the 2006 Innovation Awards, the largest number of nominees ever in the four-year history of this distinguished awards program.

"We are delighted to recognize these organizations for their leadership in the development and delivery of privacy programs," said J. Trevor Hughes, Executive Director of the IAPP. "The depth and breadth of nominations this year is a testament to the continued growth of our field."
Large Organization category (More than 5,000 employees)
This award was presented jointly to Royal Philips Electronics and General Electric Corp., which tied for their entries on Binding Corporate Rules (BCR) as a mode of compliance for cross-border data transfers.

General Electric is the first company in the world to pursue a BCR policy that assures employees that their data will be handled using the highest and best practices no matter where in the world the employee or the data is located. The GE BCR has been approved in more than a dozen countries to date - more than any other model - and is under consideration in all EU countries. This BCR model governs the company's relationship with its 350,000 employees worldwide and is available in 27 languages.

Philips publicly announced its BCR project at the International Data Protection Conference in Sydney in 2003, when it was already in an advanced drafting stage. The Philips Privacy Code is currently moving through the final approval process in 22 European countries. The unique approach taken by the Philips Privacy Code is that it combines two existing concepts of European data privacy law: the U.S./EU Safe Harbor Program and the (sectoral) Codes of Conduct. The Philips Privacy Code is a self-regulating document which, after endorsement by European Data Protection Authorities, creates a "safe haven" for personal data within the worldwide Philips group.

Small Organization category (Less than 5,000 employees)
The winner in this category was ATB Financial, which won the award for its privacy program communications plan. Alberta, Canada-based ATB Financial is a full service financial institution that is the largest deposit-taking institution headquartered in Western Canada.

ATB Financial's innovative privacy initiative was both strategic and technological, according to the Innovation Awards judges. It crossed multiple divisions of the organization and required extensive, planning, assessment and coordination of cross-sectional business units. Rather than collect customer consent on separate forms, ATB Financial designed a system to direct customers to a single point of entry and awareness. A privacy brochure enforced by a publicly available Customer Privacy Code was also created and distributed to all existing customers to capture one, uniform consent for portfolio management. This complex and intricate effort resulted in the one of the first online opt-outs made available for customers of financial institutions in Canada.

"As an Alberta-based financial institution, ATB Financial is very pleased to be recognized by the IAPP for its innovative privacy approach," said Privacy Officer Sandra Smith-Frampton, CRM.

IAPP Privacy Innovation Technology Award
Voltage Security, Inc., won the technology award for its Voltage Identity-Based Encryptionâ„¢ technology incorporated into its data protection solutions. Voltage IBE protects information on PCs (laptops, desktops, mobile and wireless devices) and in email communications, and enables compliance with a broad range of privacy guidelines and regulations, such as PCI, HIPAA, GLBA, PIPEDA and the Data Protection Act.

Voltage IBE solutions can be used to protect the privacy of information internally within an organization, such as HR and financial information; externally with business partners, brokers and the supply chain to protect company confidential information, such as pricing and other trade secrets; as well as with customers to protect personally identifiable information, such as credit card, Social Security and drivers license data. Voltage IBE solutions are in use by more than 250 world-leading organizations, and by partners such as Integro Insurance Brokers, Spheris, XL Global Services, Winterthur Life, Microsoft, NTT Communications, Symantec, Ciphertrust, Proofpoint and Tablus.

Marriott's Chris Zoladz is Privacy Professional of the Year

The IAPP and Deloitte & Touche LLP ("Deloitte & Touche") proudly presented Chris Zoladz, Vice President, Information Protection, Marriott International, with the IAPP/Deloitte & Touche Vanguard Award, which recognizes the privacy professional of 2006.

"Chris Zoladz is a pioneer of the nascent privacy profession," said IAPP Board President Kirk M. Herath, CIPP/G, President of the IAPP Board of Directors and Chief Privacy Officer, Associate General Counsel, Nationwide Insurance Companies. "He was the first CPO for Marriott and he was one of the first leaders of the IAPP. As a mentor to many privacy professionals, I can think of no one more deserving for this year's Vanguard Award."

"Privacy is as much a key business issue as top-line growth, cost reduction, or tax optimization, and Deloitte & Touche is proud to recognize and support excellence in the privacy profession," said Rena Mears, National Privacy & Data Protection leader in the Security & Privacy Services practice at Deloitte & Touche LLP, the co-sponsor of the Vanguard Award. "We support the Vanguard Award and remain deeply committed to advancing the privacy profession."

Zoladz, a longtime committed privacy leader for the privacy industry and past president of the IAPP Board of Directors, was nominated in large part for his role as chairman of the Privacy Roundtable at Marriott, Hilton, Hyatt, Starwood and InterContinental. In this capacity, Zoladz spearheaded an initiative in this group to develop privacy training for hotel employees.

Zoladz, a Certified Information Privacy Professional, brought together this group of marketplace competitors to embrace the importance of launching a gold standard privacy training program for hotel employees. He not only had the vision, but also coordinated the logistics and arrangements with vendors for the program.

Lynn Goodendorf, Vice President of Data Privacy at InterContinental Hotel Group, praised Zoladz for his leadership.

"This effort led to a mandatory brand standard in our company that all hotel employees must be trained using this program," said Goodendorf, who nominated Zoladz for the award. "We have now deployed this training to over 2,500 hotels in the U.S., Canada and Mexico, in both English and Spanish. It takes a special kind of leadership to get fierce competitors to collaborate and Chris did it."


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Advertise in IAPP Publications

Find out how to get your message in front the people you want to reach. Download a media kit now.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Registration Open

New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.

The Congress Is Cancelled

The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»