The Privacy Advisor recently caught up with Alysha Canton, CIPP/C, CIPM, privacy consultant with Ontario's London Health Sciences Centre, to hear a bit about her dive into the privacy world and what makes her engage with the IAPP. Canton is an IAPP "young privacy professional" chair for the Toronto Chapter and admits that while her concentration on privacy from an early start might not be conventional, she picked the right path.
The Privacy Advisor: What drew you to the privacy field and how has it changed since you joined?
Canton: I was originally interested in healthcare, but I didn’t think a clinician-type role was the right career for me. Instead, when I finished my undergrad, I completed a Master of Studies in Law degree, where I focused on different areas of healthcare law— privacy really stood out for me at the time. There are so many nuances to privacy. I saw the complexity, and I saw the importance for data protection for society as a whole, and I decided to focus on privacy right there. I thought it would lead to a nice career path that would always be changing and exciting.
I've been in privacy for about four years, and I think I'm one of the unusual cases where I started my career directly in privacy; most people seem to come with a background in something other than privacy. From my perspective, and the short time I've been working in privacy, I'd say that I've really seen a shift in awareness. More people seem to be aware of their responsibilities at the organizations I've worked for and are also more concerned about personal privacy. I've also noticed that advances in technology, even in the past five years, has been pretty major and will probably continue to change.
The Privacy Advisor: Has anything surprised you about the way privacy and data protection is practiced and operationalized?
Canton: Since privacy is so principles-based and there is a general lack of prescriptive roles, it's interesting to me how different organizations can find different solutions to privacy problems, and all of them are compliant. It takes creativity and research — it's not as simple as other types of laws out there.
The Privacy Advisor: How has the Canadian privacy landscape, specifically, changed since you’ve been in the game? Is there one area that has specifically undergone shifts?
Canton: I think a common response to that question would be breach response and breach management. It's so important for organizations to step it up, both in terms of breach prevention and breach management. It’s not a question of if you’re going to have a breach, it’s when. How you’re handling that from a public relations perspective, and from an internal perspective, I think that has changed.
The Privacy Advisor: How was your recent data privacy day? What kinds of chatter did you pick up on?
Canton: It was a lot of fun. We had about 15 people out this year, which was similar to last year, but what I thought was interesting was we had a different group of people with only a few repeat guests. We are working on increasing the crowd and growing the community here in London, so I was excited about that. There was lots of interest in future collaboration with the Toronto chapter.
We had people from different industries, so there was chatter about what people do and how they spend their days, but we also had funny stories about privacy, some GDPR talk, surveillance and breaches were some of the topics I caught while I went around to chat with everyone. It’s a good way to bring people together.
The Privacy Advisor: What do you do when you’re not consumed with data protection and privacy?
Canton: I've recently taken up running. I’ve been working on that for about six months, but of course privacy still comes up. Just this week at run club we were talking about our "Garmins" tracking us and our privacy settings. It’s funny how it privacy comes up in your personal life too. Another hobby of mine is scrapbooking and card making.
If you want to comment on this post, you need to login.