Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver of privacy office funding, while concern about required data breach notifications and the bad publicity that such announcements entail grew in importance among survey respondents, with almost nine in every 10 listing it as a concern." It is incumbent on IT senior leaders and IT staff to learn what privacy is, why it is important in higher education today, and how they can identify and address privacy risks. IT professionals should be prepared to advise and assist with privacy issues concerning oral, paper-based, and digital information, including images and video. Chief Privacy Officers (CPOs), or individuals who are assigned lead privacy duties, must take a risk-based approach to privacy and focus on strengthening administrative controls, working in partnership with security professionals on physical and technical controls and with data management professionals on data classification. Regardless of which office oversees privacy or who causes data breaches, protecting privacy is inescapably tied to technology, due to the almost universal use of technology to collect, store, process, and utilize personal information in the pursuit of organizational goals. The most important action that higher education institutions can take is to assign overarching privacy coordination duties to someone--no matter their title or where the person is organizationally situated--and enable that person to work cooperatively with other areas to achieve objectives. Institutions should explain who will be collecting the data, how the data will be used, who will receive it, and the steps that will be taken to preserve the confidentiality, integrity, and quality of the data.