The Shifting Privacy Paradigm: State Chief Privacy Officers’ Evolving Roles and Persistent Realities

This report is the result of a survey of 17 state chief privacy officers in the first quarter of 2024 and is an update to the previous surveys in 2019 and 2022. The report covers how the role is structured, responsibilities of state CPOs, challenges, resources needed, the CPO role in artificial intelligence and procurement and more. We also offer recommendations for states looking to create or build on the CPO role and share advice from current state CPOs.

Download

The 2022 State CIO Survey

The 2022 State CIO Survey, The People Imperative examines key issues related to critical success factors for the state CIO, workforce, enterprise portfolio management and others. The state CIO survey, published annually for the last 13 years, includes responses from 51 state and territory CIOs.

Download

Privacy Progressing: How the State Chief Privacy Officer Role is Growing and Evolving

This report is the result of a survey of 20 state chief privacy officers in the spring of 2022 and is an update to the previous survey in 2019. The report covers how the role is structured, the background of state CPOs, challenges, resources needed and more. We also offer recommendations for states looking to create or build on the CPO role.

Download

2020 Deloitte-NASCIO Cybersecurity Study – States at Risk: The Cybersecurity Imperative in Uncertain Times

The sixth biennial Deloitte-NASCIO Cybersecurity Study reflects insights from all 50 states and 1 territory on the CISO’s role and budget, governance, reporting, workforce and operations. The CISOs filled out this year’s survey in May/June 2020—an unprecedented time as the world adjusted to the impact of the COVID-19 pandemic. State governments responded by moving their enterprise operations, services and employees to a virtual environment, and the study captures COVID-19’s impact on state cyber posture to the extent visible during the early response to the pandemic.

Download

The 2020 State CIO Survey

2020 is a year that has undoubtedly been defined by the COVID-19 pandemic. In this eleventh annual state chief information officer (CIO) survey, we received the perspective of 47 state and territory CIOs on the extraordinary and unprecedented challenges they faced this year. In addition to directly addressing the issues and lessons learned by CIOs in responding to the pandemic, we also received updates from CIOs on many of the tradi­tional topics covered by the survey, including CIO organization business models, digital government, adoption of cloud and emerging technologies and state and local collaboration. As might be expect­ed, there was not a single topic area where the pandemic did not impact state CIO experiences in some way. The continuing work to address the immediate challenges of COVID-19 and to prepare for the long-term impacts to state and citizen work and personal lives is reflected throughout this year’s survey.

Download

Perspectives on Privacy: A Survey and Snapshot of the Growing State Chief Privacy Officer Role

Compared to a private company or even any other level of government, the need to focus on privacy at the state level is significant. The amount of personal information citizens provide to their state outweighs anything a citizen provides to any one company. Because of this, we have seen number of states who have hired a chief privacy officer increase rapidly over the last several years. This NASCIO research provides a snapshot of the state chief privacy officer position, the background of CPOs, what they do in their roles, how the role is administratively structured and their advice for states interested in creating the position.

 

Download

Ponemon Institute’s 2018 Cost of a Data Breach Study

This webinar covered the findings of the 2018 Cost of a Data Breach study and how states are preparing for and responding to data breaches.

 

Watch the Recording 

Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

Download

 

State of Washington: Privacy Modeling Demo

Government is using more data than ever in rendering services to citizens, yet government has few tools to enforce privacy rules or considerations and can’t simply hire enough to meet the demand for expertise. After consulting with academic and legal experts form the privacy community in Seattle, the state’s Chief Privacy Officer, Alex Alben, retained a software firm to create a web application which  returns relevant search requests based on the intended use of personal information in a product or service.

Watch the Recording