Director, Data Privacy
Location: Greenville, SC
Job Description:
Oversee the company's data protection strategy and its implementation to ensure compliance with relevant data protection laws, such as the GDPR, CCPA, and other applicable regulations. Serve as the primary point of contact for all data protection and privacy matters within the organization, providing expert advice and monitoring compliance efforts.Reports To:
VP, Corporate Quality / Corporate Data Protection OfficerDuties and Responsibilities:
Regulatory Compliance:- Ensure the company complies with relevant data protection laws and regulations (GDPR, CCPA, etc.).
- Monitor data protection laws and recommend necessary organizational changes.
- Develop, implement, and maintain privacy policies and procedures.
- Ensure privacy policies are up to date and reflect current regulatory requirements and industry best practices.
- Conduct and oversee DPIAs for projects involving the processing of personal data.
- Provide guidance on risk mitigation strategies for high-risk processing activities.
- Develop and deliver data privacy training programs for employees.
- Promote a culture of data protection compliance across the organization.
- Establish and maintain an incident response plan for data breaches.
- Investigate and respond to data breaches, ensuring timely notification to regulatory authorities and affected individuals as required.
- Provide expert advice to senior management and staff on data protection and privacy matters.
- Serve as the point of contact for data protection authorities and regulatory bodies.
- Manage and respond to data subject requests (e.g., access, rectification, erasure).
- Ensure the organization’s processes facilitate the exercise of data subject rights.
- Assess and ensure the data protection compliance of third-party vendors and service providers.
- Negotiate data protection clauses in contracts with third parties.
- Conduct regular audits to ensure compliance with data protection policies and regulations.
- Monitor data processing activities to ensure they align with privacy standards.
- Maintain comprehensive records of all data processing activities conducted by the organization.
- Ensure accurate documentation of data protection impact assessments and breach incidents.
Job Requirements:
- Bachelor’s degree in law, Information Security, IT, or a related field; advanced degree preferred.
- Professional certification in data protection/privacy (e.g., CIPP, CIPM, CIPT) is highly desirable.
- Extensive knowledge of data protection laws and practices, including GDPR, CCPA, and other relevant regulations.
- Proven experience in a data protection or privacy role, preferably in a similar industry.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills, with the ability to articulate complex privacy concepts to non-experts.
- Detail-oriented with a strong commitment to maintaining high ethical standards.
California Residents: