Meet General Electric's Gretchen Herault, CIPP/US, CIPM. She's been involved with the IAPP for nearly a decade. She loves privacy and the work that she does because it aligns with her passion to make a practical difference.
The Privacy Advisor: What do you do, and how is it privacy- and/or security-adjacent?
Herault: I'm currently council at GE, a health care privacy council as part of the legal department. There, I deal with the privacy issues that come on a day to day basis with respect to GE’s health care business, which runs the gamut from medical devices, to software and consumable products, and even some research trials.
The Privacy Advisor: How long have you worked for GE?
Herault: Only about four or five months.
The Privacy Advisor: Where were you prior?
Herault: Before GE, I was the chief privacy officer at Nuance Communications; they did voice recognition software. I was also deputy chief privacy officer at Monster.com. I’ve been doing privacy for awhile.
The Privacy Advisor: What inspired the work transition?
Herault: I think this opportunity within health care was particularly appealing to me. Health care is a big area in terms of professional opportunity, but also because there’s a lot of changes with its world — particularly in the U.S. — with how health care is delivered and what research and big data can do to change it. This opportunity to me is a confluence of all those things at once.
The Privacy Advisor: What do you like the most about what you do?
Herault: What I really enjoy is working on issues that really matter and that make a difference in everyday lives. I think in the context of GE, and in health care in particular, you can see that very readily. In other industries that connection is not as obvious, but it definitely is in the health care space.
The Privacy Advisor: Out of the myriad issues plaguing privacy professionals today, which problem deserves the most attention and focus?
Herault: I think really understanding and getting right data transfers and the use of cloud services. They kind of go hand in hand. Getting that right is really challenging, especially as laws around the world are starting to change.
The Privacy Advisor: How do you stay sharp as a privacy professional, in the face of all that constant industry fluctuation?
Herault: Well, definitely staying abreast of the news. I think having a good understanding of what cultural drivers influence different countries’ notions of privacy and how those will affect the laws they come out with is important. Whether it’s things like preferences for barriers for free trade or the country’s history when it relates to privacy, I think all those things are really important to stay on top of. Current events, especially in last couple of years, have been driving a lot of the laws we’re seeing.
The Privacy Advisor: How did you first hear about the IAPP, and in what ways do you volunteer?
Herault: I first became aware of the IAPP when I was at Monster, so I’ve gone to every Global Privacy Summit for the last 10 years. I did the CIPP and CIPM certifications, and I did those early on in my privacy career because I thought it would be a good way to get the same baseline knowledge and vocabulary from the start. I'm currently on the CIPM Exam Development Board, and in the past I was on the Education Advisory Board. I was a past speaker at the Summit. And ages ago — problably like 10 years ago — I hosted a Privacy After Hours.
The Privacy Advisor: What's the best professional advice you've ever received?
Herault: When I graduated from law school, we had Tom Brokaw as a graduation speaker. I remember he said, "It’s easy to make a buck; it’s hard to make a difference."
If you want to comment on this post, you need to login.