TrustArc Platform Receives Two Industry Accolades

The TrustArc Platform has received two new industry accolades, further confirming it as a leading governance, risk and compliance solution for privacy, security and risk management.

First, the TrustArc Platform is a 2018 International Business Awards Stevie® Gold Winner in the category of “Best GRC Solution”. The 2018 IBA Awards received entries from 74 nations and territories. More than 3,900 nominations from organizations of all sizes and in virtually every industry were submitted this year for consideration in a wide range of categories. “This year’s Stevie Award winners in the IBAs are the most distinguished group of winners we’ve had yet,” said Michael Gallagher, president and founder of the Stevie® Awards.

In addition, the TrustArc Platform has been named a Finalist in the 2018 SaaS Awards in the category of “Best Security Innovation in a SaaS Product”. SaaS Awards and Cloud Awards organizer Larry Johnson said, “All entrants demonstrated considerable commitment to innovation in software solutions, and to make the shortlist itself is a huge achievement. With such a concentrated level of success in the shortlist, our judges have a significant task ahead of them to arrive at our final award winners.”

Chris Babel, CEO of TrustArc, announced the two accolades in a press release, stating “We are honored to receive these award recognitions for our flagship SaaS privacy management platform. Our technology is constantly evolving in tandem with the rapidly-changing regulatory landscape to enable our customers to meet challenges and scale their compliance with global regulations such as the EU GDPR, EU–US Privacy Shield and APEC CBPR.”

For more information about the TrustArc Data Privacy Management Platform, please visit:

Meet the TrustArc Privacy Experts Series – Margaret Alston

Margaret Alston, CIPP/G/C/M
Consulting Program Director

What drew you to privacy and how many years have you been in the privacy space?

Initially, I came into the privacy profession by accident – it was a happy accident! I came from the consulting world and I hired by a boutique consulting firm for a privacy project. That was 18 years ago, and I have been hooked since then.

Favorite GDPR Article and why

Article 33 – Notification of a personal data breach to the supervisory authority. Incident response and planning for an incident is near and dear to my heart. Incidents can be incredibly painful; most are “pants on fire” events. However, I’ve seen that careful planning can make a big difference on how quickly your pants burn. Article 33 gives companies a great reason to spend time on careful incident response planning that will make a huge difference. Planning will not only help the organization meet the 72 hour requirement, but it will also help dealing with incidents faster, more efficient, and less laborious. In today’s data driven world it is not a question of whether an incident will happen, but when it will happen. Companies should be prepared.

One thing you’ve noticed that has changed about privacy since you’ve started

I have notice two big changes since I started:

  1. When I first started, there weren’t many privacy rules in the US. The main “privacy” issues that people worried about were GLBA and Europe – that was it. Now we have new developments in regulations, expectations, and best practices every year. The amount of regulations out there for privacy has changed enormously.
  2. Today everyone has heard of privacy, but when I first started most organizations, especially those not in highly regulated industries, had never heard of it. Now almost all companies think about privacy and have people dedicated to privacy. Today privacy has evolved into a real field now, as opposed to something that companies never really thought about.

Advice for new privacy practitioners

Privacy is a fun, fast changing challenging field. I highly recommend it because it is one of the few fields that touches upon every part of a company’s activities. A privacy professional has opportunities to talk to marketing, legal, corporate communications, product, security and more. That’s a lot of fun and a lot of responsibility. Having said that, I would give this advice: don’t be afraid to do outreach across the entire organization, because everyone has a stake in the game.


Margaret has more than 15 years of Privacy experience, much of that at the VP level. She started out in the consulting world, managing a privacy boutique firm’s consulting organization, Privacy Council. She scoped, bid, planned, resourced, managed, and in some cases performed hands-on for EU, HIPAA, GLBA, COPPA, and Web site privacy projects. She is IAPP certified for basic, Government, Program Management, and Canadian privacy, she has covered a broad range of data stewardship issues in the US, India, EU, Australia, and Canada.

Most recently employed as a Senior Privacy Manager for Intuit, as well as Intuit’s Canadian Privacy Officer, Margaret helped create privacy sensitive strategies, business models, and products. She also has set up and managed privacy by design and privacy compliance programs in both the technology realm as well as for specific sets of rules, such as HIPAA, 7216, Safe Harbor, and GLBA.

To learn more about how our consultants can help at your organization, contact us.

Meet the TrustArc Privacy Experts Series – Beth Sipula


Beth Sipula, FIP, CIPM, CIPP/US
Senior Privacy Consultant

In this blog series you will get to know several of our privacy experts from our global consulting team. Each team member brings different experience and expertise, so be sure to read each of their tips and advice!

What drew you to privacy and how many years have you been in the privacy space?

I fell into the privacy profession when I was working for a technology start up in 2000. I was the Director of Customer Care at that time and one of the founders asked me to take on creating the privacy program. He said “Beth, we need someone to manage privacy here, and we think you would be well suited because we want it to be close to the customer.” After leading the privacy program there for six months I realized how much I loved privacy! In 2004 I became a full time privacy practitioner, making this year my 13th year working strictly with privacy and compliance.


Favorite GDPR Article and why

Article 25 – Data protection by design and default, is my favorite. It really resonates with my background in customer support and operations and it’s the method I’ve seen organizations use to successfully implement privacy programs. I think it’s one of the most effective ways to reduce and manage privacy risk as it forces organizations to think about all of the steps needed to truly operationalize a privacy program so that it becomes part of the overall business process.


One thing you’ve noticed that has changed about privacy since you’ve started

When I first started, privacy was a role filled only by attorneys, and the biggest risk people discussed was SPAM emails. This field has shifted; privacy is part of larger information governance programs and goes a lot deeper now. It’s been exciting to watch the evolution.  Because of the demand for privacy practitioners, the new technology that uses personal data, and the broad areas of expertise, today privacy practitioners have many different backgrounds in addition to legal.


Advice for new privacy practitioners

I have two pieces of advice which have helped me throughout my career. First, choose an area in privacy that resonates with you and master it. Becoming an expert takes years, so add to your area of expertise incrementally and do not try to master everything at one time. Second, spend 30 minutes to one hour each day reading about privacy. This space is evolving quickly, and staying up to date on the latest news is very important.

Beth Sipula is a Senior Privacy Consultant at TrustArc. Beth has spent the last seventeen  years focusing on a broad range of data privacy, data security and risk management areas. She has extensive experience in leading global data privacy assessments, privacy by design, creating and conducting privacy training, evaluating new and emerging technologies, M&A assessments and support, and leading operational  compliance programs.

To learn more about how our consultants can help at your organization, contact us.

Meet TRUSTe: Chris Babel, CEO

Over the past six months we have given you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe. This week we conclude the series with our CEO Chris Babel.


How long have you worked at TRUSTe? It will be 6 years this December.

Tell us about your role at TRUSTe. As CEO, I’m responsible for setting strategy, vision and direction for the company. This encompasses everything from what markets to enter, what products to deliver to help our customers succeed and how to differentiate TRUSTe. Critical to succeeding is our culture and team, as the best strategy in the world still loses without great execution from people who understand the company direction and are passionate about our shared success. On a daily basis this can vary dramatically from meeting externally with customers or prospects to improve our market knowledge or internally hosting our monthly “Beer with Babel” meeting where employees can directly or anonymously submit any question they have about the company and our direction.

How has your role changed over time? When I started at TRUSTe, we had just transitioned from a non-profit organization with 60 employees and were just starting to build our technology platform. Today, we have about 175 employees with more people in product and engineering than we had in the whole company five years ago. Managing the transition to a full-fledged technology company and transitioning the culture with the market concerns around privacy exploding has been a massive change to TRUSTe and exciting challenge.


Meet TRUSTe: Mikhail Nikitin, Director, Business Development, EMEA

Each week we give you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe.


Name: Mikhail Nikitin

Job Title: Director, Business Development, EMEA

How long have you worked at TRUSTe? 4.5 years.

Tell us about your role at TRUSTe. I run Business Development and Sales efforts for TRUSTe in Europe. We opened a London office several years ago, making my job of expanding TRUSTe’s presence both in UK and on the continent a lot easier. The challenges in the European data protection requirements and very specific consumer attitudes towards privacy mean that there is a real appetite from businesses to make the right choices when it comes to privacy strategy. We’ve been gaining a lot of traction with our Privacy Technology products and Privacy Certification services in the EU and I’m thrilled to be part of team that started this.


Meet TRUSTe: Kevin Clifford, Director, Enterprise Solutions

Each week we give you an inside look at the talented, knowledgeable and friendly people who work at TRUSTe.  


Name: Kevin Clifford

Job Title: Director, Enterprise Solutions

How long have you worked at TRUSTe? I’ve worked at TRUSTe for just over 5 years.

Tell us about your role at TRUSTe. I work with enterprise clients who are looking for a wide range of data privacy solutions, which include privacy assessments, consulting projects, monitoring solutions or, more recently, our new Assessment Manager to help automate their privacy assessments across the organization. I help our clients prioritize their privacy roadmap and then identify which of our solutions fit their needs. Once our privacy solutions are in place our clients continue to rely on us for ongoing guidance as the global privacy landscape seems to shift on a daily basis.