How to make privacy a shared responsibility

Privacy is not the only function that struggles with cross-functional work and shared responsibility with other business areas.  

Other compliance-focused areas, such as third-party management, anti-money laundering, and anti-corruption activities, rely on experts in Compliance, Legal, Finance, Purchasing, Security, and other functions.  

The activity of developing seamless customer experiences can also involve a variety of experts, including web programmers, design specialists, marketing and market research professionals, graphic artists, attorneys, and privacy compliance representatives.  

There is no doubt that collaboration can lead to better outcomes and an all-in, motivated workforce. Working together across functions can also increase efficiency, encourage problem-solving, advance change, and make problem solving easier (and more fun). Collaboration can be a ray of sunshine at an organizational and individual level.  

Of course, every sunbeam brings a shadow, and collaboration is no different.  

First, collaboration takes time. It involves more discussions and meetings, for one thing. In fact, in a recent Gartner study on cross-functional work, 84% of marketers reported high “collaboration drag” when working cross-functionally: too much peer feedback, unclear decision-making authority, and increased time to completion. When this collaboration drag is high, research suggests that businesses are 37% less likely to fall short of revenue and profit targets – a big potential hit.  

Privacy, though, is an activity that really does take a village, so successful programs must manage the collaboration quagmire to succeed. For one thing, many companies now recognize the powerful turbo-boost that privacy can contribute to the corporate engine.  

The more central a program is to the business, the more stakeholders are involved in related decisions.  

It is no longer only the Privacy Office that cares about privacy. Marketers, for example, recognize the value of responsible data ethics and directly feel the pressure of doing privacy right. This means that functions other than Privacy feel ownership and are motivated to act – with or without Privacy involvement – and so close cross-functional collaboration is key.  

Fortunately, there are techniques and tips that can help smooth challenges related to shared privacy responsibility: 

• Build a privacy-first culture 
• Form and educate cross-functional teams 
• Leverage common technology 
• Use engagement techniques 

Build a privacy-first culture

An organization’s culture has an incredible impact on how its employees act. Culture reinforces the behaviors that fit in and discourages ones that do not. A privacy-first culture has a multiplier effect – moving privacy past a box-checking exercise and building ownership across the organization.  

Fortunately, there is quite a bit of information out there on how to build a compliance culture, generally, as well as ideas on building a privacy-positive culture. Most recommendations point first to building ‘tone from the top,’ making sure that executives internalize the importance of privacy in all areas and externalize that sentiment in the way they talk and act – both walking the talk and talking the walk.  

Other tips include aligning compensation and promotion criteria with the right behaviors, building awareness across the organization, and educating the entire organization’s population. Though “mission” and “true north” statements may be very 1990s in concept, they can provide a focus for the core values the organization wants to represent.  

Form and educate cross-functional teams

If privacy takes a village, first you must build a village. Bringing together people in vastly dissimilar roles can be difficult, especially when privacy is just one more thing on already full plates, but it is possible.  

People are excited to participate in activities that are interesting (which privacy certainly is), where they feel their knowledge and experience is valuable and appreciated, where they feel successful, and where they enjoy interacting with their colleagues on a personal level.  

This means that it will be important to: 

• Educate the team on a baseline set of privacy concepts and terms. This will build confidence in team members. A participant who is uncertain in their basic privacy knowledge may hesitate to contribute. They may feel that they are wasting their time, and even worse, feel that their core area of specialty does not really relate to the topic of privacy.
• Also, a common set of terms will help the team communicate clearly. Especially since common terms often mean something extremely specific and different in the privacy space, it is possible and even likely that team members may use the same term to mean something totally different. Words matter in privacy, and a common set of terms can help smooth communication. Sometimes even having a glossary or dictionary as a work tool is useful when building knowledge and a common language.  
• Express appreciation and provide a safe space to hear points of view. It may be useful to establish ground rules for discussions.  
• Build the team muscle. Anything new can be hard, and working with a new team can feel awkward to participants. Recognize that it takes time and effort to build a muscle, and building the team muscle is no different. Do a few easier tasks together first and build up from there.  

Leverage common technology

Sometimes technology helps, and sometimes it gets in the way. If cross functional team members use different technologies that do not ‘talk’ together, that cross functional team will find it difficult to work together seamlessly. Consider what data the team members need to share with one another and whether a common technology can help smooth interactions.  

Use engagement techniques

Team members are people too, and people are more likely to fully engage in a productive way when they get positive reinforcement. Job satisfaction, appreciation from managers and peers, and compensation are all possible positive reinforcers, but techniques like gamification can make enormous impact on cross-functional collaboration, especially when participants work remotely or are geographically dispersed. Gamification provides prompts on where the effort is in relation to goals, and where individuals are in relation to their peers in meeting goals – in a fun and engaging way.  

Outside of gamification, there are other ways to make cross-functional privacy ownership fun and rewarding. For example, consider the “5 Cs of Engagement” and how these factors can help: Care, Connect, Coach, Contribute, Congratulate.  

Sharing privacy responsibility across functions and working effectively together has its pitfalls, but results in a more robust, effective, and efficient program. Approaching the collaboration thoughtfully and with consideration of how to set things up for success can make all the difference.