This topic seems to be more important than ever given the global demand (okay, mainly the European demand) for experienced privacy professionals. But how do you get experience if no one will hire you – and how do you get hired without having experience?
For privacy in particular, the IAPP has stepped up its efforts – recognizing the need to train professionals quickly and maintain quality. They offer online training in the General Data Protection Regulation and European data protection, available online and in person. In addition, there is a Privacy Law Specialist recognized through the American Bar Association (squeee – very excited for this).
But what if you are not a member of the IAPP? First, join it. There are people who have personal issues with either the IAPP or with certifications, but frankly, with very little else in the world to compete with this recognition – it’s pretty much the only game in town. There are other certifications and groups, don’t get me wrong – there are health care privacy certifications, research certifications, ISO27k certifications, CISSP, and many more. But still, CIPP, is what companies look for when looking for someone skilled in privacy.
Does being certified in information privacy mean you are an expert – no. But it is a way of demonstrating that you passed an objective measurement that indicates that you have a baseline knowledge. Call me old-fashioned, but to me, if you have been measured and found acceptable, then I expect you to demonstrate that knowledge. I am often disappointed – don’t get me started on registered nurses, doctors, and attorneys that I consider to be incompetent. That’s a whole ‘nother blog.
Back to the point of the post – you can break into the privacy field, whether you are an attorney or not. Play to your strengths and enter through a related position. If you are a litigator, start litigating on privacy issues. If you work in a bank, get into the privacy office. If you are in insurance . .. well, you should get the point. Contact the people in the privacy area of where you work, or want to work, and be upfront with them.
Make connections. Network. And keep in mind that networking, while you hope it will benefit you at some point, is not about you. It is about the person you want to know. What can you do for them? And then don’t be afraid to use your network to help others. Good deeds will come around.
Be active in discussion groups. Comment on stories that people post. Engage others – and on intellectual points, not in arguments. Get your name out there.
Start writing articles for industry publications. They love new blood and insight.
Join committees and work. Don’t just lurk. Work.
And most of all, pay attention. Right now, the application for the Privacy Law Specialist is due. Today. And I completely missed the news on it, being heavily engaged in actual working. So… sigh. I won’t be in the inaugural group, which sucks. But it underscores a key point – pay attention and execute on a timely basis.
Make sure your name, when called, is meaningful.
If you have other suggestions, please comment. If you have questions, please ask.