IAPP Professional Privacy Faculty
Paul Gray, CIPP/US, CIPM
Paul Gray, CIPP/US, CIPM, is a senior privacy and information risk management professional with 10+ years of experience in developing, implementing and leading a global approach to responsible and compliant information use and management. He is an expert at providing solutions in complex global regulatory environments while ensuring continuity with aggressive business strategies across diverse business units.
As the former head of privacy and information risk management for RBC, Gray has direct experience in implementation of risk assessment and mitigation methodologies in a ‘business friendly’ fashion, helping to ensure that business partners can easily adapt and self manage privacy, technology, security and information risks. His strong background in implementing and managing privacy and information security compliance programs throughout the global financial services industry (including banking, investments, financial services vendors, payment card acquirers/vendors) ties directly to organizational goals of enterprise risk management program development and ongoing implementation.
Gray’s specialty areas are regulatory/industry privacy and information risk management/compliance (GLBA, FCRA, PIPEDA, EU, PCI DSS), risk assessments/mitigation, program development and implementation, breach response/mitigation and training and awareness.