Closer to fine: Separating data privacy from information security

August 2014
  • Print-friendly version
Closer to fine: Separating data privacy from information security

At a glance

Who’s in charge of privacy? Why financial institutions should create a separate information privacy organization.

How can financial institutions effectively protect the information entrusted to them by customers and employees? A fragmented approach to privacy compliance is not only inefficient but also inadequate and outdated. In our view, financial organizations should create a separate information privacy organization led by a chief privacy officer (CPO). This new organization should manage the financial organization’s privacy obligations.