Carrie Parikh, a New Jersey technology official who served in dual roles of chief operating officer for the state’s IT agency and chief data and privacy officer, has stepped down, officials confirmed Thursday.
Parikh, a former senior counsel for global privacy and data security for the Wyndham Hotel Group, told StateScoop last year she initially pitched the idea of adding a privacy component to the chief data officer role to Gov. Phil Murphy, and he wound up assigning all three duties to her position when she was hired in July 2018 as the New Jersey Office of Information Technology’s COO.
“[I had asked myself], ‘I wonder if I can play a role in helping the next administration get it better, be more transparent with its citizens, and put out some really cogent and understandable privacy policies that all New Jersey residents can understand,’” Parikh said.
The structure of putting data, privacy and operations onto one official was unusual, and Parikh told StateScoop she expected the dual-role to be a challenge.
“I have not done anything quite as large as the COO role before,” she said. “I’ve managed teams, but always in an in-house counsel setting, not quite on this scope and level.”
Parikh’s roles are being divided between two deputy chief technology officers inside the New Jersey Office of Information Technology: Roger Gibson, who managed cloud operations, has assumed the COO functions, while Christine Campbell is serving as chief privacy officer.
Before her departure, Parikh’s privacy work included updating the state’s public-facing online privacy notices that tell citizens how their data is being used and creating a data-breach response plan. She told StateScoop earlier this year that training staff on how to properly handle data figured prominently in her job, from defining “personally identifiable information” for less technical personnel to finding new ways to minimize risk and systemize those practices.
“We’re talking to folks about data minimization,” Parikh said. “Do we really need to be collecting all of the information that we’re collecting? Are we using it morally, ethically, responsibly? Are we only keeping it for as long as we should? And then building out all of the protocols around that.”