[6] In addition, some laws and regulations (such as the HIPAA Security Rule) require that certain organizations within their regulatory scope must designate a privacy compliance leader.
[7][8] In the United States, the position of chief privacy officer was first established at consumer database marketing company Acxiom in 1991 with the appointment of Jennifer Barrett as CPO.
[17] The IAPP holds several conferences and training seminars each year around the world, hosting association members from major global corporations and government agencies, with executives seeking certification programs in privacy management practices.
[21][22] The role requires strong collaborative relationships[23] with other stakeholders in an organization, including engineers and product managers[24] (for privacy impacts to products and services), human resources[25] (for privacy impacts to employee data), legal teams[26] (for monitoring and interpretations of applicable laws and compliance measures), procurement and vendor management,[27] and information technology and information security teams.
The role requires an executive with an understanding of how data collection and usage, and the associated risks all factor into an organization's day-to-day business operations.
[41] CPOs are also increasingly required to have deep knowledge of the organization's data-related operational practices and technologies, as well as the interaction between compliance measures that span the realms of privacy and security.
[43] Among the most common credentials seen in the space include: The complexity of the role and the challenge of finding individuals with the right mix of skills, education, and experience is reflected in the salary data.