All privacy and data protection regulations, one way or another, necessitate that data protection service providers designate a qualified professional to be responsible for compliance. So does NAID AAA Certification and the PCI Data Security Standards. Most commonly, that person is known as a Data Protection Officer (DPO).
To meet this requirement, most U.S. organizations simply assign that role to one of their employees, usually with little or no background in data security or regulatory compliance.
At Shred Vault, we chose a different route. We believe our clients deserve better. That’s why we retained a third-party, best-in-class Data Protection Officer (DPO) whose only job is to assure we meet or exceed all of the rapidly changing regulatory compliance requirements.
Why it Matters
First, by retaining a highly-qualified DPO, Shred Vault is able to stay up-to-date with the rapidly changing data protection requirements across the country. This is a big task when you consider that 7 states have passed new data protection regulations in the past two years, and that twice that number will do the same in the near future. Eventually all states will. Having the right DPO means our clients don’t have to worry about Shred Vault’s continued compliance as these regulations evolve.
Second, by retaining a highly-qualified DPO, Shred Vault is held to a higher level of scrutiny. More than just an advisor, our DPO’s duty also extends to our customers and to regulators. From employee training to collection and use of personal information, every aspect of Shred Vault’s privacy and data protection policies are authored, endorsed and monitored. The continued relationship between the DPO and Shred Vault is dependent upon consistent, demonstrable compliance.
Finally, by retaining a highly-qualified DPO, Shred Vault has immediate access to one of the world’s most highly respected experts for advice on regulatory matters. With privacy laws changing rapidly and with concerns over data security coming from every direction, it is reassuring to know that we are only minutes away from getting an expert opinion when the need arises.
The Better the DPO, the Better the Protection
To fulfill its regulatory obligations, Shred Vault went to great lengths to align itself with a professional that demonstrates the strength of our commitment. By retaining Privata Vox and Principal Advocate Robert Johnson, CSDS, CIPP/US to serve as its Data Protection Officer, one of the world’s most high-profile and well-regarded data protection pedigrees is overseeing the physical security of Shred Vault operation, as well as its compliance with all relevant privacy and data protection regulations.
From appearing before the U.S. Senate on data breach legislation, to working with the Federal Trade Commission on FACTA rulemaking, to founding the secure data destruction industry’s most accepted global certification program, Mr. Johnson has proven time and again he is a trusted authority on the subject and that he puts security and compliance first.
…And, here at Shred Vault, we wouldn’t have it any other way.