Carrie Parikh, the former senior counsel for global privacy and data security for the Wyndham Hotel Group, now serves as both chief data and privacy officer and chief operating officer within the New Jersey Office of Information Technology.
Parikh was originally hired as the chief data and privacy officer, but only two days before she began work, was offered the role of COO as well. She began her new roles in the public sector July 9.
“I’m coming up on my two-month mark … and the good news, I’m still here,” Parikh joked. “They still want me to come in every day.”
The new chief data and privacy position is one that focuses not only on the importance of data security, but transparency, said Parikh.
“This governor is very keen to start telling people what it is the government is doing,” she added, referring to Gov. Phil Murphy, who took office in January 2018. “And I think that’s unique, compared to some past administrations.”
One of the first initiatives will be to focus on the privacy notices that run across all of New Jersey’s state websites.
“We want to ask ourselves some critical questions: What are we telling New Jersey residents about? What it is that we’re collecting their data for? What are we using their data for? What are we doing to protect their data? And where can they go to get information about what is happening with their data?” she said.
“So that’s a huge initiative. It’s that giant transparency piece,” Parikh remarked.
Raising awareness in New Jersey about data is coming at an opportune time, said Parikh, as Internet privacy concerns have cropped up around the world through large-scale public policies like the European Union's General Data Protection Regulation (GDPR).
Developing a full-scale privacy program in the state will involve collaborating with other agencies and departments like the attorney general’s office, the New Jersey State Police and New Jersey Cybersecurity and Communications Integration Cell, an organization within the New Jersey Department of Homeland Security and Preparedness.
“We’re really looking at building the first privacy program from the ground up. So, it’s exciting, yet challenging times,” said Parikh.
The COO and chief data and privacy officer positions have some natural overlap, said Parikh.
“When you think about things like privacy-by-design, and building and weaving privacy into every element of, particularly an IT organization, I do think that they fit hand-in-glove,” she explained. “The chief operating officer is responsible for all of the operations within the IT world that we live in. To be able to have that birds-eye view from the COO role, to see where we need to build critical privacy infrastructure is really helpful.”
Transitioning from the privacy concerns of an international hotel conglomerate to those held by New Jersey state government was not the wide leap it may appear, said Parikh.
“Building a privacy program is not really that different, in terms of substance, from the private world to the public world. It’s different in breadth and scope,” she explained. “So, more data, different types of data, different purposes for use of the data. But the actual allocation of resources toward building a privacy program are pretty much the same.”