Lessons from Leaders: Rebecca Hanovice in Conversation

Liisa Thomas: Welcome to Compliance Chronicles, where we learn from professionals shaping the world of compliance. I'm your host, Liisa Thomas, outside Privacy and Compliance counsel adjunct professor at Northwestern Law School, and a lifelong learner of organizational change. ⁓ personal journeys to hard-earned lessons, ⁓ are the Chronicles that inspire and guide. ⁓ dive in. We're back with another amazing conversation with a wonderful privacy leader, Rebecca Hannaweiss, who is here with me to talk about her journey. So, Rebecca, can you start us by telling us what you're doing right now and then lead us into your personal journey to how you got here? Absolutely. I am leading a wonderful privacy team at a multinational organization. managing privacy issues across the globe and in many different technologies. It's been a very interesting journey and I'm really happy to be here. Well, thank you again for being here and let's go on that journey. Tell us about it. Great. I started my career in a patent boutique, an IP boutique, went to a larger firm for a couple of years and then went in-house at about the five-year mark as a patent prosecutor and clearance specialist. And anytime there was a new issue that seemed interesting, I raised my hand. I said, yes, let me try it. Did a lot of different things. And in 2016, the head of the department said to me, there's this new law or regulation that just got passed in Europe. It seems to be technology related and you're a patent attorney. Can you do that? And I said, sure, why not? I went, I learned, went to a conference, learned the basics, worked with you and learned a ton about privacy. And I really loved it. I loved the intersection between. consumer protection, technology, data. Originally, what attracted me to patent law was the constant evolution of the law. The evolution of the law of privacy has not slowed down. It's accelerated at an incredible pace. So I am learning new things every day and very happy about it. And that takes us to our first topic of conversation, which is challenges. And whether it's challenges in the role that you have right now or challenges that you've seen over the length of your career, let's talk a little bit about the challenges you've faced. Privacy is not an easy job. I think one of the most challenging aspects of this role is the fact that the sands are always shifting. You start getting your arms around basic privacy principles and requirements. And just as you're starting to refine those skills, the landscape shifts and you've got to be agile and pivot and all those other fun corporate jargon words. You have to do it. And the reason I like this role so much in this industry, this practice is because it is never boring. It's almost impossible to feel like you're stale or stagnant because the law is constantly shifting and societal expectations are changing along with it. Is there anything that stands out to you as a particular, from when you started in this career to where you are now, anything about the law or the way that people approach the law that has been really difficult? From the outset of my career in this particular practice area, the interaction with the business was probably the most challenging. And I know you have expertise in change management, but there was an expectation, particularly in the United States, that you could use data, collect data, handle it in ways that were pretty open and unregulated. And changing those expectations, educating the business on what was and wasn't permissible was a very interesting challenge because a lot of times you'll get the response, well, everyone else is doing it this way. And I'm not speaking for my current role. This is looking back several years, but it was an interesting evolution of expectations and guardrails. If we move now to thinking about lessons that you've learned, things that are now part of your toolkit of this is how to be a great privacy professional, what are some of those things in your toolkit? What are some of those lessons? And maybe starting with getting the business to see that you're not a department of no. I think approaching it in a way that's less legalese and more business friendly is key. saying here is a real world outcome of these various options. I am here not to tell you no, I'm here to tell you what the possibilities are and what the risks are with each of those paths. And the business really is at the end of the day, it's up to them to make the choice, but I want to make sure they're educated, they're empowered, and they're realistic about what they can and can't do. And I've found pretty much in every circumstance they eventually make the right choice from a moral and legal perspective. It's, ⁓ and which is gratifying to know that you can get people there in a way that doesn't make them start going around you. And that's, think the biggest problem is, is when you approach the business in a way that's just, this is the law and you have to follow it. Now go do that. They're eventually going to stop talking to you because that's not a actionable approach. what not to do, what do you do so that they come to you? A lot of education, a lot of in-person meetings, relationship building is key, showing that you actually understand their objectives, their business, pressures from the industry, their leadership. Really connecting on a personal level is so incredibly helpful. leaning on empathy and curiosity is key. And especially in the digital age where you might be on a Zoom call and everybody is multitasking, so they're not giving their full brain to what you're saying. Finding a hook that captures their interests, that shows that you maybe don't fully understand what it is they do, but you get enough of it to know that the advice you're giving them may pose some challenges and you're willing to listen. and collaborate and come to a middle ground that might work well enough for everybody. It's very powerful. it's, I mean, this is something that applies beyond this particular type of practice. It's really any practice where you're interacting with people having challenging jobs. For folks that are starting out, they're new to privacy, they're new to compliance, or they've been doing this for a long time and they're feeling a little burned out. ⁓ It can be isolating when you're the only person in your organization that has this role. ⁓ So parting advice that you could give. I think one of the most important tips I can provide to my colleagues in this space is find your people, find your community, practitioners in the space. There are quite a few organizations out there that focus on privacy and compliance. getting in touch with them, showing up at events, showing up at webinars, hearing that you're not alone. I've found that going to these events, sharing information, obviously under Chatham House rules, I see it as kind of group therapy. When you're with your people, you're with your other practitioners and knowing that everyone's dealing with the same challenges. and everyone has something to bring to the table. Everyone has their own tips and tricks and approaches and can share what's worked, what hasn't worked. And it's just very invigorating to be around people who are doing the same thing. Also, the privacy community is, in my opinion, a particularly vibrant and fun group of people. ⁓ lot of, I think you have to have a good sense of humor to be in this space. And so I've had some really funny conversations with my my colleagues and made a lot of really good friends along the way. Thank you, Rebecca. And I hope that this for folks that don't have the time today to go reach out to colleagues gives them a little flavor of how helpful it is to connect with others. So thank you for doing this. You're welcome. I hope you enjoyed this episode of Compliance Chronicles. where we look for guidance and inspiration from the personal journeys of compliance professionals.