Ken Mortensen, CIPM, CIPP/G, CIPP/US has joined InterSystems in Cambridge, Mass., as data protection officer.
A longtime privacy professional with more than 20 years of experience, Mortensen, who recently completed a stint at as a senior managing director with PwC, said the catalyst for the transition to InterSystems was simple: they "made me an offer I couldn't refuse."
That offer was the opportunity to fuse his practical legal counsel work with thinking outside the box. The company was “looking to see what their strategy for privacy, security and leverage was, that so they could create innovation in that space,” Mortensen said.
The approach is three-fold. With InterSystems, he’ll be working to build a privacy program as an enterprise head for a company with a vast global outreach. He’ll ensure that the organization’s array of core technology products are managed with a consideration for risk. Additionally, he'll strategically consider how InterSystems will develop its technology in the future.
“This is the thing that’s really exciting,” he said. It involves understanding fast-changing products and services, like cloud storage, as well as overseeing, regulating, and developing services for clients.
Mortensen has big goals. He, of course, wants InterSystems to have a robust privacy and security program, but also wants the organization to take an unblinking look at the ethics that drive privacy.
“There’s a lot of low-hanging fruit that people are not addressing,” he said. But the big issue is really looking at data protection and privacy more simply. “When you think about privacy, I always like to go back to collection, use and disclosures. Those are the three key frameworks.”
When an organization has that perspective, it needs to consider the services its offering and then flip the viewpoint, he continued. While the impulse in the privacy community is to manage data from a protection standpoint, for example, professionals need to consider the ethical conundrums surrounding an “act of omission" with personal information and its use in research or marketing. Sometimes, the best service data managers can offer their clients is using their information constructively, instead of responding to personally identifiable information with alarm, he said. In health care especially, data's enormous benefit can't be ignored, and sometimes data mangers should seek to use the information for its full value. That doesn't mean they should bypass responsible data protection when they get information, but they certainly shouldn't throw the baby out with the bathwater, either.
Mortensen has been asking these big, provocative questions his whole career and can pinpoint with clarity the moment he knew privacy was the field for him. After beginning his professional life as an engineer, he found himself studying for a law degree. Intrigued by a professor's proclamation during his time at Villanova University School of Law that “there’s this thing called the internet, and it’s changing the world,” he delved further and further into studying information access.
Lightning struck for Mortensen in the early '90s when he worked on a tax company's amicus brief. It was fighting a county in New Jersey for access to computerized tax forms in the name of process streamlining. While Mortensen argued on behalf of the tax company, believing its request to be sound, he was eventually flabbergasted when the assistant deputy attorney general countered that granting access would have a “diminishing effect on the privacy of those individuals who owned property in the state of New Jersey,” he said. “I had focused on the access to the record on the form. The records should be made available because they were already publicly available, and there was no added burden; it was a basic public records case.” With her response, he knew “that the world was changing and privacy was going to be huge.”
He was certainly not wrong. Fast forward to 2016, where privacy is less a vague concept and more of a movement, filled with professionals, legislators and companies all trying to navigate an interdisciplinary minefield. It’s a different world, Mortensen said, but that hasn't made him complacent. He has big plans for the future of his company and by extension, the industry and the world.
Good knowledge governance becomes a tool where “more use is better use; not that you’re doing harm, but are you’re driving increased to the individual and to society,” he said. “In five years, I’d love to be able to say we’ve put these things together, connected this information, and it drove this value from the standpoint we now can do this.”
That "this?" The possibilities are endless.
“We’ve cured cancer, we’ve provided information, we’ve provided information to cure certain diseases … We’re not going to do it on our own, but if we can provide the means to drive that, that’s a success."
If you want to comment on this post, you need to login.