Over the years, I’ve found a few high-quality ways to get the most value out of my relationships with my Chief Privacy Officers. Part of it may have to do with the business we were in at Return Path (and now, Bolster), but part of it is understanding what the Chief Privacy Officer needs from the business and working with them in that arena.
For example, I found it helpful to work with the Chief Privacy Officer to help them to deeply understand our business. Part of what I think we got right in this regard at Return Path was we almost always made this a fractional role that was combined with other responsibilities—Tom Bartel, Dennis Dayman, and Margot Romary almost always did other senior jobs in operations or product as well. This is what most likely enabled us to play more offense with the function rather than playing defense. Even with an operations or product background, the Chief Privacy Officer is typically focused on external threats and issues. I’ve found working with them on business issues not only raises their knowledge, but helps them understand potential security risks.
I also made sure to role model training and compliance. If you mention the word “compliance” to just about anybody in the organization, you’ll see it doesn’t usually get anyone’s juices flowing. But it’s important for the company to live up to its obligations with customers and with its own internal policies. We found, if we involved a certain amount of employee compliance training every year, we were able to build skills and stay on top of changing dynamics. I always try to be the “first done” on an online training course and make sure to follow related policies so our Chief Privacy Officer has air cover… and so I can ask others to do the same with a clear conscience.
I may interact with Privacy infrequently, but when I do, it’s often because something has gone wrong, or we’re worried about something potentially going wrong. That’s ok! As long as you can be there to support your Chief Privacy Officer on an emergency response basis and practice some level of servant leadership in a crisis (“how can I help here… who do you need me to call?”), you’re doing your best work in this department.
It's important to have a regular cadence and a strong relationship with the Chief Privacy Officer, because when a crisis hits, you don’t want to miss any steps. While things usually run smoothly in the Privacy domain, the few times when things spin out of control are the exact moments when you need to hit the ground running, be able to trust your Chief Privacy Officer, and help get everything sorted out.
-Matt Blumberg, June 8, 2023.
