How a Privacy Engineer Can Facilitate Privacy Compliance
Article

How a Privacy Engineer Can Facilitate Privacy Compliance

by Mirena Taskova
April 02, 2021

With stricter privacy regulations and higher customer expectations about safeguarding personal information, a growing number of companies are retaining privacy engineers to enhance privacy protections throughout product and service lifecycles.

In recent years, privacy concerns were often overlooked as business units and engineering teams developed a product or service. Some organizations believed that strong privacy controls could slow the development process or be an impediment to a product or service gaining rapid traction. On the other hand, engineering teams often lacked technical privacy knowledge or the authority to take the necessary privacy considerations into account.

However, more and more companies are now realizing that it is more efficient and cost-effective to evaluate privacy concerns at the earliest possible stage of the development cycle to detect and resolve any issues that might cause data governance or security problems later.

The inclusion of privacy-related questions at the start of the development process represents a new approach for businesses, many of which tended to consider privacy issues either at the later stages of product development or even, in some instances, after a product or service was in the marketplace.

The Role of the Privacy Engineer

Specific responsibilities vary among organizations, but in broad terms, a privacy engineer collaborates with the organization’s engineering, legal and business teams to ensure that privacy considerations and regulatory requirements are addressed in the earliest stages of product and service development.

Common duties might include, for example:

  • Advising engineering teams to make sure data collection and usage practices protect user privacy and mitigate privacy-related risks
  • Reviewing products and services throughout their lifecycle to ensure compliance and address privacy concerns
  • Helping business and technology teams develop and follow privacy controls
  • Coordinating compliance with international regulations as applicable
  • Collaborating with legal teams to understand evolving regulatory expectations and the effects on new and existing products and services

An effective privacy engineer will also be able to understand the financial implications of implementing privacy considerations within the organization — or failing to do so — and should be able to explain privacy issues to stakeholders in different business units.

Stricter Regulations Driving Demand for Privacy Engineers

Recent growth in the demand for privacy engineering talent has been driven in part by stricter privacy regulations, including the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Both regulatory frameworks impose limitations on how organizations can use, share, store and commercialize their customer data.

Privacy engineers help compliance and development teams translate those requirements into software code and ensure that the organization’s products and services remain in compliance with those and other regulatory mandates.

Privacy engineers also help organizations implement the Privacy by Design approach, which focuses on the fundamental privacy principles, and help them build effective privacy controls into the design, operation and management of a product, service or process.

Privacy Concerns in Transactions

Privacy-related considerations are also becoming more important for investors in development-stage companies and are playing a role in the due diligence process before potential mergers or acquisitions.

As with product development, privacy engineers can play an essential role in facilitating the M&A process due to their technical knowledge and understanding of the privacy considerations across the organization.

Given the blend of technical and compliance skills required, recruiting a qualified privacy engineer can be challenging for many companies. In response, many organizations are turning to privacy engineers on an outsourced service basis, retraining internal resources, and enlisting consultants to help with privacy strategy development.

If you have questions or want to learn more about privacy engineer outsourcing or our other Privacy services, contact our experts.

Stay In Touch

Sign up to stay up-to-date with the latest accounting regulations, best practices, industry news and technology insights to run your business.

Author
Mirena Taskova - Managing Director, Privacy & Cybersecurity - San Jose CA | Armanino
Managing Director, Head of Privacy and Cybersecurity
Resources
Related News & Insights
Managing Enterprise Risk through Data Governance
Webinar
Learn why proper data governance is a critical component of managing enterprise risk.

November 18, 2021 | 10:00 AM - 11:00 AM PT
Dynamics BC for Managing Inventory Webinar
Webinar
Dynamics GP users will learn the benefits of moving to a cloud solution with special focus on inventory management.

November 10, 2021 | 11:00 AM - 12:00 PM PT
A Simplified Deal: The Playbook for Your Next Transaction
Webinar
The only transaction readiness playbook you’ll need, no matter the deal.

November 9, 2021 | 12:00 PM - 03:00 PM PT