In the world of compliance and privacy, true Gamechangers are those who challenge conventions and reimagine what’s possible. Enter Alan Wilemon—a dynamic leader who has transformed privacy and compliance into engaging, impactful elements of organizational success.
With a deep passion for aligning privacy with business values and a creative approach to tackling challenges, Alan has built a career on making the complex accessible and the essential inspiring. From pivotal experiences that shaped his mission to his innovative strategies for driving trust and adaptability, Alan’s insights are a masterclass in building resilience through creativity and connection.
Q: What inspired you to pursue a career focused on privacy, data protection, and compliance?
Alan: I think privacy is personally important to everyone, at least to some degree. That said, it’s not always clear how to tap into that shared feeling to do good work, and that puzzle has always been exciting to try and solve.
I’ve always enjoyed challenging convention a bit, and early in my career, privacy and compliance were functions that no one at work wanted.
Those roles weren’t highly visible, they were seen as a cost center, they weren’t directly connected to the what the organization was wanting to accomplish. So, there was some drive right out of the gate to challenge those assumptions. Of course, not long after I committed myself to privacy and compliance, it became clear that these things were actually critical to what we wanted to accomplish as an organization, but I needed to show people why.
Q: Can you share a pivotal moment or experience that reinforced the importance of privacy and compliance in your professional journey?
Alan: After I had been working in Privacy for just a few years, I was asked to assist a client with a breach investigation, related to a nationally known individual who had just been involved in a high-profile incident. The investigation ended up revealing that this person’s sensitive information had been accessed literally hundreds of times in a 24-hour period – we’re talking descriptions, photos, contact information, everything. In that moment, the connection between consent, choice, and dignity was really underscored for me.
When we rob people of their choices related to their own information, I think we can really be robbing them of some of their dignity, and no one should go through that.
Q: In your experience, what are the most common misconceptions about privacy and data protection?
Alan: I think the most common misconception is that privacy and data protection are always at odds with innovation, or that putting an emphasis on privacy will always hinder your ability to accomplish your goal. Sometimes these beliefs are just based on assumptions, but to be honest, people may have experienced this at their last job before joining your organization. Even still, you can overcome those objections by showing that that isn’t how privacy works here.
Q: What are some strategies you use to ensure privacy concerns don’t get sidelined by other competing priorities?
Alan: I’ve learned that, in most cases, preaching fines and penalties simply doesn’t move the needle to the extent that you’d like. You’ve got to align privacy with the business, because let’s be real, the business will always be the priority. Instead, pitching privacy as a competitive advantage is a great way to consistently move the ball forward.
Be ready to talk about how business partners are looking to work with companies that have a good privacy posture. Demonstrate how strong privacy practices increase customer trust and loyalty. Be ready to display how privacy by design can shorten project schedules by removing extra work at the close of projects.
Tie privacy back to core values and cultural pillars. Privacy must be viewed as a way the organization achieves its mission, not just a way we stay out of trouble.
Q: What role does creativity play in privacy and data protection?
Alan: Creativity is crucial, because you always have to reinvent your message if you want to be consistently heard. There is too much constantly vying for our attention for perpetually routine tactics to be effective.
Sometimes, privacy updates can be pretty academic and detailed – how can you make that accessible to someone that doesn’t have a ton of background in the area? Our collective attention spans are shorter that ever, so using different mediums and different messaging is key to capturing your audience. Standing out and staying relevant isn’t just the challenge privacy pros face, its a fundamental mandate for the role.
Creativity requires a lot of trial and error. The importance of safe failure in our profession is often talked about but still something I think we all grapple with putting into practice.
Do you have a favorite flop? What did you learn from it?`
I use to do “roadshows” early in my career. I would travel to the various locations my organization had around the country, set up a table, try to pass out info to folks in hallways and engage with them. What a waste of time! No one cared – people couldn’t move past me fast enough. Maybe it was an antiquated method of making connections in the org, or maybe I was just lousy at it – but I learned quickly that I needed more organic relationships with these teams before I could just pop in and start influencing behavior. I learned that I needed to establish my identity (and the identity of the Privacy program) first, and then gain a strong understanding of the work other teams were doing before I could gain their trust.
Q: What emerging trends or technologies do you see shaping the future of privacy and data protection?
If recent history is any indication, we are going to continue to see a steady stream of privacy and data protection regulations roll out, especially on a U.S. state level. This will also extend into the ever expanding world of AI as well. I expect to see more privacy enhancing/preserving technologies in the hands of consumers in the years ahead as well. People have a huge interest in privacy, and companies that want to support that will find a receptive market.
Q: What are some of your go-tos for staying updated on privacy and compliance matters?
Alan: Professional industry associations are always a good way to keep up with developments, whether through email list-serves or blogs. Individuals contributors too. If you find a few people on LinkedIn who share great update and insights, this can be invaluable.
Q: What is the leadership playbook you are writing for yourself in real-time?
Alan: This is a cool question. I think listening might be the most effective skill a leader can have, so I’m always trying to level up in that area. And not only in the sense of clearly capturing what others may be telling me. Thats obviously important, but there is more to listening than just that. When someone asks a very specific question, good listening is also hearing the unspoken question that is prompting the one they have voiced. When someone gives an amazing presentation, good listening is also picking up on the cues and tactics that they are using which are making their pitch so effective, so that you can use them yourself some day. Good listening is seeking out content outside your industry, to see what others are working on, how they are succeeding, and how they are adapting. There’s a world of helpful information out there – I would like to continue to get better at listening to it.
