Beth Sipula, FIP, CIPM, CIPP/US
Senior Privacy Consultant
In this blog series you will get to know several of our privacy experts from our global consulting team. Each team member brings different experience and expertise, so be sure to read each of their tips and advice!
What drew you to privacy and how many years have you been in the privacy space?
I fell into the privacy profession when I was working for a technology start up in 2000. I was the Director of Customer Care at that time and one of the founders asked me to take on creating the privacy program. He said “Beth, we need someone to manage privacy here, and we think you would be well suited because we want it to be close to the customer.” After leading the privacy program there for six months I realized how much I loved privacy! In 2004 I became a full time privacy practitioner, making this year my 13th year working strictly with privacy and compliance.
Favorite GDPR Article and why
Article 25 – Data protection by design and default, is my favorite. It really resonates with my background in customer support and operations and it’s the method I’ve seen organizations use to successfully implement privacy programs. I think it’s one of the most effective ways to reduce and manage privacy risk as it forces organizations to think about all of the steps needed to truly operationalize a privacy program so that it becomes part of the overall business process.
One thing you’ve noticed that has changed about privacy since you’ve started
When I first started, privacy was a role filled only by attorneys, and the biggest risk people discussed was SPAM emails. This field has shifted; privacy is part of larger information governance programs and goes a lot deeper now. It’s been exciting to watch the evolution. Because of the demand for privacy practitioners, the new technology that uses personal data, and the broad areas of expertise, today privacy practitioners have many different backgrounds in addition to legal.
Advice for new privacy practitioners
I have two pieces of advice which have helped me throughout my career. First, choose an area in privacy that resonates with you and master it. Becoming an expert takes years, so add to your area of expertise incrementally and do not try to master everything at one time. Second, spend 30 minutes to one hour each day reading about privacy. This space is evolving quickly, and staying up to date on the latest news is very important.
Beth Sipula is a Senior Privacy Consultant at TrustArc. Beth has spent the last seventeen years focusing on a broad range of data privacy, data security and risk management areas. She has extensive experience in leading global data privacy assessments, privacy by design, creating and conducting privacy training, evaluating new and emerging technologies, M&A assessments and support, and leading operational compliance programs.