Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.



Defining Privacy Engineering

Resource Center / Tools and Trackers / Defining Privacy Engineering

 

Defining Privacy Engineering

Privacy Engineering Domains

This resource, developed by the IAPP Privacy Engineering Section Advisory Board and part of the Privacy Engineering Domains series, provides a broad definition of privacy engineering.

Last updated: July 2025

View Chart (PDF)

This resource provides a broad definition of privacy engineering and highlights various domains in which privacy engineers can significantly impact the protection of privacy.

Privacy engineering is the act of applying systematic, scientific or methodological approaches to include requirements for privacy* in the design, development, and operations of systems and services through various domains, such as software development, system design, data science, physical architecture, process design, information technology infrastructure and human-computer interaction/user experience design.

The privacy engineering domain examples and quotes within this resource are exemplary for work in each domain and are not representative definitions.

This resource is part of a wider IAPP series on Privacy Engineering Domains, which facilitates a deeper understanding of and collaboration within the increasingly important field of privacy engineering.

Domains of privacy engineering

The below section overviews the domains that define privacy engineering. This resource is available as a chart in PDF format here.

  • expand_more

    Software development

    EXAMPLE

    "I perform code audits to ensure our software meets the organization’s privacy objectives, and evaluate and build tooling to support automation of privacy risk evaluation and privacy policy enforcement."

  • expand_more

    System design

    EXAMPLE

    "I maximize privacy, security, useability and other qualities while designing complex systems."

  • expand_more

    Data science

    EXAMPLE

    "I analyze data to achieve privacy-respecting outcomes, and apply anonymization or deidentification techniques to optimize privacy and utility."

  • expand_more

    Physical architecture

    EXAMPLE

    "I evaluate floor and building plans to protect employee and visitor privacy in areas such as focus rooms, patient rooms, restrooms and telephone booths."

  • expand_more

    Process design

    EXAMPLE

    "I use business process modeling and other techniques to ensure privacy and organizational goals are integrated into my company’s business processes."

  • expand_more

    IT infrastructure

    EXAMPLE

    "I develop our IT infrastructure to ensure data flows between systems have controls in place to limit data use for specific purposes."

  • expand_more

    HCI/UX design

    EXAMPLE

    "I conduct user studies to ensure we do not use deceptive design and our customers understand what they consent to."

Tags: Privacy Research, Privacy-Enhancing Technology, Westin Research Center
Related Stories