Carrie Parikh was barely six months into her tenure at Horizon Blue Cross Blue Shield of New Jersey—her first foray into the field of healthcare—when the COVID-19 pandemic struck. Parikh serves as chief privacy officer and assistant general counsel, so the pandemic affects her work in a number of ways, bringing both healthcare and privacy law into uncharted territory. But for Parikh, unexpected challenges are par for the course; she’s faced more than her share in the course of her career.
When Parikh last spoke with Modern Counsel in 2018, she had recently been promoted to vice president of legal at Wyndham Hotels and Resorts. She’d been at the company for only a few months and had already been promoted to head of the privacy and data security legal group—just six weeks after she was hired, while she was still new to the practice of privacy law.
When asked to take on more responsibility, she rose to the challenge, but couldn’t help wondering if she was truly ready for the undertaking: head of the global privacy program for one of the largest hotel groups in the world is no small role. “Women are particularly prone to impostor syndrome—up to the point of almost wanting to decline the opportunity you get,” Parikh says. She looked for guidance from her female mentors, who encouraged her to believe the people who saw her potential. “I learned a valuable lesson: if you can’t trust yourself, trust the people that trust you,” she says.
Throughout her time at Wyndham, Parikh was politically active and built a relationship with Phil Murphy while he was campaigning to become governor of New Jersey. She had many conversations with him about the growing importance of data privacy, which was largely unregulated—not just in the state but in the country at large. As it happened, those conversations ended up leading to her next career opportunity: when Murphy was elected, he identified Parikh as the ideal candidate to spearhead the state’s privacy program as the chief officer.
Once again, Parikh felt a sliver of doubt. She had less than ten years of experience, and though she had run a global privacy program at Wyndham, the resources that she would have in a public service operation would be very different. Nevertheless, she took the plunge. “It was the biggest and most important challenge of my career,” Parikh reflects. “It is one that I met with all of the seriousness in the world.”
Under Parikh’s leadership, the state of New Jersey put into place a number of initiatives designed to protect citizens’ data. Those efforts included drafting both the first data breach incident response plan and a statewide data governance response plan, along with strategies and policies designed to synergize cybersecurity and privacy. They also built a data response team.
“For the first time we were able to tell the citizens and residents, ‘This is how we treat your data. These are the protections we have in place. This is who we share it with,’” Parikh explains. “Even something as simple as having a place for citizens or residents to call—that didn’t exist prior to my role.”
“Women are particularly prone to impostor syndrome—up to the point of almost wanting to decline the opportunity you get.”
Parikh’s next career move placed her where she is today, at Horizon Blue Cross Blue Shield. She handles privacy protocols at the company both internally and externally. “There’s the educational component, [which entails] going out into the company and ensuring that our workforce is fully up to speed on all things privacy related, including how to treat data, how to share data, when not to share data, and when to raise the alarm,” Parikh says.
When the pandemic struck and sent a huge part of the workforce home, it also changed the privacy landscape in ways that were previously unimaginable. “In the US, an employer has pretty much unfettered rights to monitor their employees, but the laws never contemplated 90 percent of the workforce working at the kitchen table,” Parikh explains.
“The current laws are not sufficient in balancing an individual’s right to privacy, particularly as it relates to sensitive information regarding health, [with the need to] stem the tides of this pandemic,” Parikh continues. “It is an absolutely delicate balance, but it’s one that we have to find.”
Parikh remains optimistic and, true to form, eager to learn. She believes that even though there are no previous statutes or cases to look to for guidance in the area of data privacy, it’s an opportunity to discover and build systems that ensure people’s protection. “We’re constantly having to adjust as we learn new things, so it has just been a whirlwind,” she says.