Kenneth P. Mortensen
B.S.E.E., Drexel University
M.B.A., Villanova University College of Commerce and Finance
J.D., Villanova University School of Law
Kenneth P. Mortensen is Vice President, Assistant General Counsel, and Chief Privacy Officer at CVS Caremark Corporation, where he provides leadership for enterprise-wide information governance including the corporate privacy and security strategy to address operational and information management needs through an approach that protects individual privacy and assures compliance with federal, state and local privacy laws and regulations by building a culture of privacy within CVS Caremark. Mortensen serves as lead privacy and security counsel to the CVS Caremark’s senior leadership to assist with the long-term strategic vision and determining key business initiatives. Additionally, he spearheads corporate efforts to drive awareness of obligations and industry best practices concerning privacy and security.
In 2010, Mortensen was elected to the board of directors for the International Association of Privacy Professionals or IAPP. Founded in 2000, the IAPP is the world’s largest association of privacy professionals with more than 9,000 members in 70 countries. The IAPP helps define, support and improve the privacy profession through networking, education and certification.
Before coming to CVS Caremark, Mortensen was Boston Scientific’s first ever Chief Privacy Officer with world-wide responsibility to implement a global corporate privacy program at the medical device manufacturer.
Prior to re-entering the private sector, Mortensen served in the Administration of President George W. Bush as the Chief Privacy and Civil Liberties Officer for the U.S. Department of Justice, where he was the primary counsel and policy advisor to the U.S. Attorney General and Deputy Attorney General on privacy and civil liberties matters. Mortensen implemented the newest independent office in the Department, the Office of Privacy & Civil Liberties. He coordinated the departmental oversight concerning privacy and civil liberties in all aspects of the department’s mission, especially with regard to national security and foreign intelligence. Mortensen represented the department in inter-governmental discussions about all aspects of privacy and civil liberties protections including the interface between differing privacy authorities, such as U.S.privacy law and European Union data protection frameworks, including leading the U.S. government delegation to negotiate agreements with other countries for the exchange of criminal identification information, such as fingerprints and DNA.
During his time with the Department, Mortensen served as the inaugural agency chair of the Federal CIO Council’s Privacy Committee where he organized this group of federal privacy officials to promote adherence to the letter and the spirit of laws advancing privacy, including the Privacy Act of 1974 and the E-Government Act of 2002, as well as widely accepted concepts of fair information principles and practices. Additionally, he coordinated efforts to ensure widely available education and outreach efforts to create a culture of privacy and to enhance the respect for fair information principles across the federal government in order to minimize the impact on the individual’s privacy, particularly the individual’s personal information and dignity, in the design, development and operation of agency collections of data.
Before coming to the Department of Justice, Mortensen served as the first Deputy Chief Privacy Officer for the U.S. Department of Homeland Security. He advised the DHS Chief Privacy Officer and DHS senior leadership about privacy matters concerning the use, harmonization and implementation of technologies using risk assessment management techniques.
Formerly, Mortensen was a founding and managing partner of the law firm, Harvey & Mortensen. As part of his private practice, Mortensen served as outside counsel to then Pennsylvania Attorney General Mike Fisher regarding technology and Internet matters. As part of that role, he designed, developed, and operated the Pennsylvania Do Not Call Web site on behalf of the Office of the Attorney General.
Before going into private practice, Mortensen was a Teaching Fellow at Villanova University School of Law, where he taught computer and information law. In addition, at Villanova, he managed the Center for Information Law and Policy, which was led by Professor Henry H. Perritt, Jr. (now at Chicago-Kent School of Law), as the Director of Operations. Mortensen began his career at Burroughs Corporation, as an electrical engineer performing large system design for mainframes.