Elimu Kajunju, Chief Privacy Officer and Senior Compliance Director at UnitedHealth, discussed privacy during his presentation at the 2014 Chief Information Security Officer (CISO) Leadership Forum in San Francisco on May 6. In his presentation, “What Every Security Professional Needs to Know About Privacy,” Kajunju pointed out organizations must take responsibility for securing sensitive information.
In addition, Kajunju said ethical and political considerations are important for organizations of all sizes, especially when it comes to privacy. An organization also must implement good data collection practices to avoid privacy issues down the line, Kajunju said. If an organization understands how to collect data, Kajunju said, it can effectively safeguard its sensitive information: “Data collection is really the start of the privacy data lifecycle. Without the data, the rest of this is meaningless. Good data collection practices and really honest data collection data practices are necessary.”