Data Privacy Officer
Roles and Responsibilities
- Be the SME to all Department Privacy Officers as it relates to industry data privacy controls around regulatory data.
- Work with domain leaders reviewing ongoing activities related to the development, implementation, maintenance of, and adherence to the Client's policies and procedures covering the privacy of, and access to, state information in compliance with federal and state laws. (i.e. HIPAA, FTI, PCI, SSA, FERPA, CJIS, FISMA)
- Prepares and assists with presenting clear, accurate and timely reports on Privacy and Data Protection risks, risk mitigation measures and compliance activities to key stakeholders, and senior management.
- Work closely with business domain leaders to ensure all regulatory controls are properly monitored and data exchange agreements are in place.
- Provides development guidance and assists in the identification, implementation, and maintenance of state information privacy policies and procedures in coordination with department management and administration, and legal counsel.
- Assist, direct, deliver, or ensure delivery of initial and on-going privacy training and orientation to all employees, and professional staff, contractors, alliances, business associates, and other appropriate third parties in regards to data privacy.
- Review all system-related information security plans throughout the Client's network to ensure alignment between security and privacy practices, and act as a liaison to the information systems department.
- Serve as information privacy consultant for all departments and appropriate entities.
- Leads the implementation of the Client's Data Privacy Program vision developed by the Center of Excellence for Data group, forming a Data Privacy Officers group, and directing progress towards the COED objectives and data privacy awareness.
- Coordinate data breach response and notification procedures with the CISO and related team.
- Work with contract and procurement teams to ensure proper data security language has been properly depicted in all contracts, RFPs, RFIs, and vendor contracts.
- Give advice on the impact of data protection efforts.
- Lead the data classification and data inventory effort.
- Provide advice and instructions on how to conduct Data Protection Impact Assessments (PIAs), as well as review all incoming PIAs.
- Follow up with changes in law and issue recommendations to ensure compliance
- Expert knowledge of data protection law and practices.
- Align with the company's data processing operations and the level of data protection required for the company.
- Excellent management skills.
- Excellent verbal and written communication skills
- Experience in data protection and legal compliance
- Knowledge of data processing operations in government sector is preferable
- Familiarity with computer security systems
- Ability to handle confidential information
- Ethical, with the ability to remain impartial and report all noncompliance
- Organizational skills with attention to detail
Job ID: 18-00278