Nova Scotia's information and privacy commissioner describes a recent survey of organizations across the province as a "Where's Waldo?" exercise.

In the popular children's book series, readers must search for the image of a man in a striped sweater hidden among hundreds of other detailed images.

The office of the privacy commissioner says a search for privacy officers at Nova Scotia businesses proved just as difficult.

The office called 52 provincial businesses and organizations at random this month, large and small, for-profit and non-profit.

Who?

"Almost every call, when we asked to speak to a chief privacy officer or the privacy lead, was met with silence," said Catherine Tully, the information and privacy commissioner.

"There was uncertainty about who that might be in almost all cases."

Tully says only 10 of the businesses were able to identify a privacy lead. Of those, only six were able to answer rudimentary questions, such as whether employees could access their own personnel files, whether the organization used video surveillance or whether they had a policy for retaining records containing personal information.

Tully says the results are troubling.

Best practice

"It's the digital age. Businesses and organizations have increasing amounts of data," she said. "It's hard to deliver service to individuals, to have staff, to have volunteers for some of the organizations, without collecting a significant amount of information.

"We all know the ongoing stories of breaches. It's really important to protect that data."

Tully says while it's not mandatory for businesses to have a privacy officer, it's quickly becoming a best practice.

"They make sure all of the information that the organization has, where it is, makes sure it's secure."

Sunday, Jan. 28 is Data Privacy Day, intended to raise awareness about privacy and data protection.