Outsource Your Privacy To An Expert

Perkins Coie is a premier international law firm with over a century of experience, dedicated to addressing the legal and business challenges of tomorrow. Renowned for its deep industry knowledge and client-centric approach, the firm has consistently partnered with trailblazing organizations, from aviation pioneers to artificial intelligence innovators. With 21 offices across the United States, Asia, and Europe, and a global network of partner firms, Perkins Coie provides seamless support to clients wherever they operate.

The firm's vision is to be the trusted advisor to the world’s most innovative companies, delivering strategic, high-value solutions critical to their success. Guided by a one-firm culture, Perkins Coie emphasizes excellence, collaboration, inclusion, innovation, and creativity. The firm is committed to building diverse teams, promoting equal access to justice, and upholding the rule of law, reflecting its core values and enduring dedication to clients, communities, and colleagues.

Explore Firm Details

Data privacy is one of the most complicated and important issues facing modern businesses.

United States Privacy

Guest Author: Jodi Daniels, Founder and CEO of Red Clover Advisors

Data privacy is one of the most complicated and important issues facing modern businesses. With laws varying from state to state, even country to country, and best practices frequently changing, it may be more efficient for companies to outsource their privacy program to an expert who specializes in consumer data privacy.

Fractional privacy officers (FPOs) provide high-level privacy consulting and strategy on a part-time, contract basis. They deliver invaluable assistance in translating and applying the requirements of new and established data privacy legislation to existing business practices and are fully qualified to develop new processes if needed for compliance.

There are four main areas where an FPO's privacy prowess can be highly beneficial:

Completing a data inventory
Preparing for product or marketing launches
Implementing privacy management software
Training teams on privacy processes

Data Inventories

A data inventory is a process that follows the flow of data on its start-to-finish journey through a company's systems. Also known as data mapping, this process gives businesses a clear-eyed view into the following:

What types of data is collected and why
How data is used and who it is shared with
Where data is stored, how it is protected, and how long it is kept
Where data is vulnerable to exposure

This information is critical to designing an efficient, compliant privacy program, and an FPO can ensure that the data inventory process is thorough and well-designed.

Product or Marketing Launches

Much of modern privacy law centers around how companies can collect and use sensitive consumer information to build user profiles and design marketing campaigns. Some laws are built on an opt-in principle (consumers must agree to have their information used or to be contacted) while others use an opt-out methodology (consumers must request not to have their information collected or to be contacted by marketing outreach).

Outsourcing this compliance effort to an FPO reduces the risk of fines or adverse filings resulting from human error.

Implementing Privacy Management Software

Installing an off-the-shelf privacy management software will likely leave costly compliance gaps. An FPO can help optimize and customize privacy programs to close those gaps and make the system work seamlessly within a company's operations.

Training Teams

Data privacy programs are only as good as the teams that implement them. Frequent training on privacy principles and processes is essential to the success of organizational compliance efforts. FPOs, as executives with experience engaging staff and as privacy experts, excel at creating and executing effective training strategies for everyone from senior management to frontline employees.

Privacy Compliance Tip

Make sure your data inventory is updated at least once a year and any time a new process for collecting, processing, or sharing data is implemented.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.