While H. Leigh Feldman, CIPP/US, CIPM, FIP, is familiar with the process of building out privacy teams, his new position will mark a bit of a divergence. As the head of Promontory's U.S. privacy practice within the global privacy and data protection team, Feldman joins a well established team within the IBM company. 

“The world is changing so rapidly, and there are so many exciting things happening. When the opportunity came up at Promontory, it seemed like such an amazing opportunity to be with one of the premier consulting firms with such deep domain expertise, married up with IBM with its world class leading technology capabilities.” 

Feldman's experience across the financial services industry will certainly serve him well. Getting his start in 1999 as part of a small team tasked helping Merrill Lynch digitize their capital markets into an ecommerce portal, Feldman built out privacy programs across Merrill Lynch, Bank of America, American Express and Citi Bank before grabbing the opportunity with Promontory. 

Looking ahead in the field, Feldman said, “Everything in this space is moving from manual processes to automated and digital processes. Over the next three to five years, in addition to advising companies on the increasingly complex global privacy and data landscape, we will be helping clients move from manual processes to having programs and practices that are more supported and augmented by technology tools and capabilities, such as artificial intelligence.”

Feldman found it difficult to identify what excites him most about the rapidly changing privacy profession. 

“The first thing I would say is that a lot of it is being pushed by the European privacy laws and the GDPR," he said.

With many companies currently structured around a siloed and fragmented approach to data handling, Feldman expects a great deal of integration will be required in order for privacy programs mature.

“I believe we will see more of a convergence of how data handling processes are managed within companies with more focus around the information lifecycle. Risk, compliance, data, records and security functions that focus on information as it is created and collected, used and maintained, shared and disposed of can work more closely together to be more efficient and better assess and manage information risk. All different types of groups that are currently looking at that [separately] will need to work more closely together as information management becomes more critical and complex."

While breaking down silos is universally considered a difficult process, Feldman said it won't happen overnight.

“What will drive this is the increasing pace of change within business and the need to do this in order to serve customers better, while maintaining trust and respecting privacy.

"We are already seeing, out of GDPR, this ecosystem of smaller technology companies trying to fit in and plug gaps, which is great. I think that ecosystem will mature, there will be some shake outs, and then larger companies, like our company, will offer broader services, and provide technology and services around the information lifecycle that will help compliance officer, risk managers and privacy officers better understand, assess and manage the risks."

Looking ahead, Feldman offered this: “Privacy, I think, is more than ever a critical pillar in building and maintaining trust, and must be supported by rigorous and effective programs and practices through the information lifecycle. I think that companies that do that in a responsible way will have a competitive advantage.”

Recent regulations point to greater consumer control over data, Feldman said companies will need to figure out how to allow for greater customer choice when it comes to their data.

“As data becomes much more critical for every industry and every business, there will be more focus on making sure that data is handled in a way that is more robust, with more controls. Sort of how companies now internally handle their money," he said. There is no doubt that Feldman's breadth of experience as a privacy professional has shaped his outlook on the direction of privacy. "If a company has money, they know where every dollar is, they know when it comes in, when it goes out. They have very complex systems and controls to track money,” he said. 

While Feldman doesn’t exactly anticipate the rigor of how money is tracked to be applied to personal data, he did say "Rigor and controls around information will be moving in that direction," and expects to see companies putting much far more controls over information-handling processes the next three to five years.

For Feldman, forecasting the direction of privacy and the incorporation of technology, the opportunity at Promontory was a no-brainer. 

“Throughout my whole career, I’ve been drawn to new challenges, the intersection regulation, privacy, technology, and where things are heading." At Promontory, he said he feels as if he's “right in the heart of where the world is headed.”