Data Privacy Administrator
This position reports to the Data Protection Director.
The Data Protection Administrator will be responsible for providing oversight and guidance on privacy related initiatives, subject matter expertise on global privacy laws and regulations, proactive and effective communication with internal and external parties, collaborative resolution of business issues, and exceptional customer service for internal and external clients.
- Serve as a visible and highly engaged manager who coordinates and leads the daily activities associated with implementation of the data privacy program
- Educating the company and employees on important compliance requirements; training staff involved in data processing
- Perform privacy and/or security reviews including regulatory and industry assessments (GDPR, HIPAA, NIST, etc.), risk analyses, information inventory and data mapping, vendor management assessments, and additional privacy or security compliance related projects to ensure compliance and address potential issues proactively
- Consult with business areas on Personally Identifiable information (PII) collection, minimization, appropriate use, information sharing, proper handling and disposal
- Develop and implement privacy awareness training materials
- Conducts Privacy Impact Assessments
- Serving as the point of contact between the company and GDPR Supervisory Authorities
- Monitoring performance and providing ongoing advice to teams across the organization on the meaning and application of data protection and privacy regulations.
- Maintaining comprehensive records of all data processing activities conducted by the company, including the purpose of all processing activities, which must be made public on request
- Interfacing with data subjects to inform them about how their data is being used, their rights to have their personal data erased, and what measures the company has put in place to protect their personal information
- Research and evaluate emerging privacy trends, laws or regulations
- Assisting with other privacy and legal compliance tasks as needed and as time permits on subjects including, but not limited to, employment, ethics, finance, PCI, SOC 2, etc.
- Works with corporate IT team, Information Security team and Privacy team to implement and monitor privacy compliance programs
- Communicate with teams affected by new laws and regulations and monitors to assure that necessary changes to policies and procedures are made
- Serve as an internal expert resource for privacy compliance
- Identify and guide resolution for privacy compliance issues including effective communication of these issues to other business units.
- Review new engineering and product data use cases to ensure ongoing compliance with Privacy policies
- Assist with incident response and mitigation strategies as necessary
- Respond to complaints and grievances related to Privacy issues
- Perform other privacy team relevant duties and responsibilities as assigned
- Bachelor’s degree or higher (or equivalent work experience)
- 7+ years of relevant experience working in compliance roles, including a significant amount of work specifically on privacy and data protection issues, preferably with time in-house at a technology company with established privacy compliance protocols
- CIPP, CIPM, and/or CIPT certification
- Must possess a strong technical aptitude and be able to effectively communicate with technology professionals; data analysis and/or coding skills are required
- Must have extensive knowledge of privacy and data protection laws, regulations and best practices
- Experience with compliance issues and standards at all levels (local, state, federal and international) and familiarity with industry-specific regimes (e.g. HIPAA, PCI, GDPR, etc.)
- Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
- Clear ability to build strong relationships and establish trust with stakeholders at all levels
- Excellent verbal and written communications skills
- Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner
- Ability to solve complex problems in a timely manner by working with multiple stakeholders
- Ability to manage multiple tasks and work streams effectively.
- Ability to follow detailed procedures and processes with a high degree of accuracy
- Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product
- Experience managing project through the full system development lifecycle
- Multiple language abilities preferred – fluency in English (written and spoken) required
- Flexibility to travel as required up to 25% overnight travel