Joe Jones serves as the Director of Research and Insights at the IAPP. Previously, he served as the UK Government’s Deputy Head of Digital Trade, where he was responsible for digital policy. Joe also served as a private practice lawyer on international data issues.

Companies are grappling with the challenges of managing privacy, security, AI, and data governance in an increasingly complex regulatory environment. The IAPP’s Organizational Digital Governance Report highlights the challenges businesses face due to “digital entropy” — caused by overlapping laws, rapid technological shifts, and cultural and socio-technical differences, emphasizing the need for organizations to align their governance structures to address these challenges. How can companies navigate these complexities while maintaining compliance and operational efficiency?

The IAPP’s digital governance report provides insights into how companies can adapt their structures and processes to meet the growing demands of digital governance. It outlines three varying approaches companies are using to navigate digital entropy: the analog model, where companies use their current structures while adding more tasks to existing teams; the augmented model, where companies create new committees or cross-functional teams to define overarching terms for digital governance and policy; and the aligned model, where companies have dedicated roles for digital governance. The report underscores the importance of moving toward a more aligned model, where privacy, security, and AI governance are streamlined under cohesive leadership. This involves empowering privacy teams, implementing regular audits, fostering collaboration across departments, and avoiding reliance on ad hoc committees to align with evolving privacy regulations.

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Joe Jones, Director of Research and Insights at IAPP, about how companies can leverage insights from the IAPP Organizational Digital Governance Report to improve their digital governance frameworks. Joe explains how companies can stay ahead of regulatory changes by embracing more structured governance models. He also emphasizes the need for privacy professionals to act as enablers within organizations, offering guidance on leveraging data responsibly while navigating the growing complexity of privacy regulations.