Steve Wright

In November 2018 I took up an interim position of DPO at the Bank of England, when the DPO returned in January, I continued to provide GDPR assurance and privacy leadership. I also supported the CISO in designing a new target operating model.

At John Lewis, I was fortunate enough to be in the unique position of reporting directly into the Group Financial Director (CFO), but answerable to the Board and Audit & Risk Committee. This empowered me to ensure that when it came to data privacy and data security compliance, I was able to set the strategy, policy, direction and the tone (rate) of change necessary to take that great British icon into its optimal position of leveraging the data it collects, whilst at the same time protecting the rights of customers and Partners, by ensuring legal and regulatory compliance, delivering and enhancing Privacy and Security capabilities - whilst ensuring Trust and Transparency remains at the heart of our fantastic Brands - Waitrose and John Lewis.

I’ve spent more than 25 years learning in IT (the last 8 in Legal and Finance), but all the time designing, developing, managing (mainly people) and delivering transformational data governance, privacy and security programmes, but my role at John Lewis proved a great test of my skills.

I believe that data (governance) lies at the heart of our society and everything is connected to this one common denominator = data. And as we know, data security and data privacy are inextricably linked - they share common objectives, threats and therefore require comprehensive safeguards (controls), legal compliance and assurance mechanisms - both for the Board,our Partners and of course our Customers.

I am only human, and limited by human capacity, but I would hope you may share in some of my passions and philosophies.