Contributor: K Royal, CIPP/US, CIPP/E

K Royal, CIPP/US, CIPP/E, is privacy counsel at Align Technology and has over 20 years of professional experience in the legal and health-related fields. Royal has a particular interest in the relationship between health and technology—such as telesurgery, bioethics and privacy. As an attorney, she has been recognized as a Forty-under-40 honoree for Phoenix, as an educational leader through the YWCA and as one of the top pro bono attorneys in Arizona. Royal is currently an in-house global privacy counsel and finishing her PhD in public affairs.

Practical Privacy

What Makes a Good Privacy Officer?

By K Royal

Recently, as I was speaking to a talented group of law students, I was asked the above question. This has also been a related theme underlying some of the recent posts on the IAPP Privacy List. I’m not sure if this list is what those who want to enter the privacy field should cultivate in themselves, what current privacy officers are like or what we should be aiming for as a profession.

To build...

More from K Royal
Healthcare Privacy

On Where Health IT and Privacy Meet

By K Royal

The Eighth Annual National Health IT Week kicks off today with the slogan, “One Voice. One Vision: Transforming Health and Care.” This honorary week has been created by the Healthcare Information and Management Systems Society (HIMSS). HIMSS seems to lead efforts similar to the IAPP, even if the mission is different, and there is no doubt that our membership overlaps. HIMSS states that last year,...

More from K Royal
Opinion

Is Advising Clients To Clean Up Social Media After Filing a Lawsuit Questionable?

By K Royal

A recent article stirred up quite a bit of discussion among my LinkedIn friends.

Opposing counsel requested discovery of a plaintiff’s Facebook page. The plaintiff’s attorney advised him to clean it up and was suspended for five years from the practice of law. The disciplinary system actions states the suspension was for “violating professional rules that govern candor toward the tribunal,...

More from K Royal
Opinion

Should Privacy Professionals Have a Code of Ethics?

By K Royal

To more accurately assess this inquiry, I looked outside of associations based solely on one’s education and looked for associations based on one’s role or job and I found several examples of codes of ethics for professionals. There are members of IAPP who are also members of some of these other professional associations: HCCA, ISC2, SCCE, just to name a few. Additionally, many members of IAPP...

More from K Royal
From the Toolbelt

What Should You Do If You Receive an Investigatory Letter From the OCR?

By K Royal

My 22 year old daughter loves to send mail—a little old-fashioned, but endearing. Opening mail still carries the potential of discovering a treasure. Unfortunately for many organizations, the envelope may contain unpleasant information, namely an investigatory letter from the Office for Civil Rights (OCR), the entity that enforces the Health Insurance Portability and Accountability Act (HIPAA).

...
More from K Royal
From the Toolbelt

The ABCs of BCRs

By K Royal

Prior to commencing my employment in 2012, my employer decided to enhance their data protection program with the EU-U.S. Safe Harbor certification, but then the European Commission published new privacy legislation. Upon hire, my primary directive was to decide between Safe Harbor and Binding Corporate Rules (BCRs)

First, I had to quickly come up-to-speed on European privacy law. Within six...

More from K Royal