Share on social networks!

What is an enterprise privacy advocate and what is their role within the privacy office? 

There are different types of structures that can be used for the definition and creation of the privacy office (OP) depending on the type of company we are talking about. A very popular structure, especially in large companies, is one in which the privacy office, led by the privacy manager and his or her team, is joined by the figure of the Business Privacy Champion (BPC)

The BPC is a role that begins with a company employee, whose mission is to collaborate with the privacy office in maintaining the privacy program, as well as in creating a privacy culture within the company. 

Where is this function located within the privacy office structure and what is its mission? 

Depending on the type of company, there are different formulas. In small companies it may be sufficient to have a single BPC, but if this function is addressed in a multinational environment the most common option is to designate this figure in each area of the company (for example, HR, marketing, etc.). The idea is to have a collaborator within the privacy office who know the business and/or the specific area, as well as the privacy

Business Data Privacy Office

The main mission of the Business Privacy Champion is to be the first point of contact for data privacy issues in the areas along with the duty to promulgate privacy principles among the rest of his colleagues, which makes him something of a privacy evangelist. This means that it will be a role that will be present in the different discussions of the corresponding area and will detect all those issues that may affect the privacy of personal data, to escalate them to the privacy office in the different privacy meetings held with the BPC network. 

To do this, the privacy office must create a privacy advocate program to identify the areas in which it is necessary to have this figure and the most appropriate profiles to assume this role, as well as instruct them in privacy matters, so that they can provide support to the different areas, help maintain the privacy program and enact the basic principles of privacy. 

What is the ideal profile of a Business Privacy Champion? 

In an ideal world, it would be perfect for these profiles to have technical knowledge about privacy; However, the reality is that it is highly difficult to find these profiles. That is why it is necessary Find employees concerned about data privacy and that they are also motivated to share the principles of privacy with the rest of their colleagues. That is why they must have, among others, the following qualities: be a positive person, open-minded, respected by their colleagues, with extensive knowledge about the business and with leadership skills to be able to change the way of thinking of the rest of their team. companions. 

What are the benefits of having a network of privacy advocates across the organization? 

This is a valuable ally that allows the privacy office help enact the organization's privacy mission and core privacy principles, so that it frees up the workload so that the team can spend their time on tasks that require true technical knowledge. 

Business Privacy Office

Another great advantage of the implementation of the role of the Business Privacy Champion is that, as they are part of the areas, they are the perfect interlocutors to detect colleagues reluctant to change, new initiatives that have not been shared with the privacy office, etc., which will make them the eyes and ears of the office.  

Therefore, creating a network of privacy advocates throughout the organization is an option that brings great benefits to the organization and allows you to maintain a strong privacy program. 

In our Master in Compliance & Data Protection Management, with the support of a teaching faculty made up of active Data Protection and Compliance Directors, legal professionals, judges, company executives and experts, you will become a highly specialized and autonomous professional, prepared to assume the functions of Compliance Director and Data Protection Director, with skills and knowledge in the following areas:

  • Personal data protection.
  • Claim processes before the AEPD.
  • Design and implementation of Compliance Management Systems.
  • Audit of information systems and data protection.
  • Compliance systems management audit.
  • Use of software management specific: GlobalSUITE.

Subscribe to our newsletter to stay up to date with all the news

Basic information on data protection.
Responsible for the treatment: Mainjobs Internacional Educativa y Tecnológica SAU
Purpose: Manage your subscription to the newsletter.
Legitimation for processing: Explicit consent of the interested party granted when requesting registration.
Transfer of data: No data will be transferred to third parties, except under legal obligation.
Rights: You may exercise the rights of Access, Rectification, Deletion, Opposition, Portability and, where applicable, Limitation, as explained in the additional information.
Additional information: You can consult additional and detailed information on Data Protection at https://www.mainfor.edu.es/politica-privacidad
Blog Master Dpo

Leave a comment