Q: What does data privacy mean to you?
For me, data privacy means protecting the welfare of individuals by protecting their personal data and using it responsibly. This includes keeping privacy in mind when collecting, managing, sharing and using the data and ensuring that the individuals whose data you are entrusted with are part of the process by being transparent through consents and notice.

Q: As chief privacy officer for the University of Chicago, tell us what your office does? What does your day-to-day look like?
The privacy office provides guidance to help navigate regulatory obligations and adhere to university policies related to the collection, use and sharing of personal information. I work with various organizations to review contracts and data sharing and data use agreements where information is shared either within UChicago and or with external parties from a data privacy perspective. I also provide data privacy training and awareness and respond to data privacy incidents as well as general guidance on data privacy protection.

Q: How can members of the campus community work with you?
I can be reached either through the privacy office at privacy@uchicago.edu or directly at dipti@uchicago.edu and am always happy to hear from members of our community.

Q: You hold a bachelor's in industrial engineering and operations research and master’s degrees in operations research and computer science and worked in information systems for many years. What drew you to the role of chief privacy officer?
Prior to my current position, I spent over 13 years in information technology and clinical research informatics supporting the functions of academic medical centers. That work involved all aspects of data management, use and analytics in administration and research. This data often included sensitive personal clinical and administrative data. What drew me to my new position was an opportunity to take my experience from an academic medical center and apply it to a broader set of university functions and to help facilitate the mindful use of personal data. I was also excited with the challenge of building a new program in an area that is growing in complexity and importance.

Q: When you tell people you meet that you work in privacy, what is the common question they ask you?
The most common question is simply, “What is data privacy?” These days it is a commonly referred to concept in the news but not always explained. Also, depending on what your job is or your background, you might think of data privacy from a limited perspective such as HIPAA with healthcare or FERPA with education. While those are very important regulations, data privacy is much broader and can impact people in a very personal way, depending on how much of your personal information is out in the world.

Q: What is a recent trend or topic in data privacy that you are most intrigued by right now?
A trend I am very interested in is the increased development and use of privacy preserving technologies and privacy engineering. These tools can help greatly with privacy by design and privacy protection.

Q: Why is it beneficial for all members of the campus community to learn about protecting their privacy?
When we share our data, we often focus on the singular sharing event, such as just providing the names of our children or an anniversary date or just one bank account number. It is important to be aware of how all that data can be collected from disparate sources to tell a more detailed story of an individual. That story can be used to predict passwords or social engineer information from a person through fake emails and text messages. The main lesson is to be cautious and thoughtful when sharing your personal information.

Q: What is something you like to do in your free time away from work?
As technology centric as my professional life is, my other passion is quite orthogonal. In my time away from work I like to delve into worlds of fiction. This includes writing, reading, watching, and analyzing all genres of fiction.