Overview
Skills
Job Details
Business Privacy Consultant
Duration: 12+ Months Contract
Location: 100% Remote
CPPIP certifications is a must
Business Privacy Specialist (BPS) Role and Responsibilities
The success of client's enterprise data privacy program depends on the first-line engagement of our business privacy resources. To be successful, a BPS must:
Continually advocate for privacy compliance, the ethical use of personal data, and the importance of our privacy principles in our everyday business practices.
Maintain a clear line-of-sight into all business area initiatives involving personal information.
Have working relationships with key contacts in their business area.
Use analytical and critical thinking skills to evaluate privacy risks in ambiguous and complex situations.
Have necessary time/resource allocation.
Be highly motivated to contribute and grow within a complex area of emerging importance.
Be comfortable identifying and escalating issues to the enterprise privacy office as needed.
Have the established skillset, core competencies, and experience (detailed in this document) to fulfill the privacy responsibilities.
Privacy by Design - PIAS and Personal Data Management:
Lead the business in "privacy conversations," to promote privacy discussion and advise the business when Privacy Impact Assessment/Data Protection Impact Assessment (PIA/DPIA) are necessary.
Train the business on PIA/DPIA process, expectations, and requirements.
Manage the accurate completion and accuracy of PIA/DPIAS, including initial reviews, privacy control/risk mitigation recommendations, and escalations.
Represent privacy in working groups and business conversations to maintain line-of- sight to business initiatives and advocate for privacy practices.
Regulatory Compliance
Establish a general understanding and working knowledge of the privacy laws that impact the business and activities that trigger privacy requirements.
Maintain the business' documentation of processes, procedures, and controls demonstrating compliance to privacy regulatory requirements.
Participate in regulatory compliance testing.
Manage the planning, administration, testing, and training of privacy projects/processes, including:
oPrivacy rights requests (Data Subject Access Rights)
oPrivacy notice distribution
oConsent and preference management
oRecord of processing (data mapping and inventories)
BPS Responsibilities and Expectations
Program management and business representation
Act as the point-of-contact and subject matter expert (SME) for business area privacy issues, questions, and processes.
Collaborate and develop working relationships with key business partners such as: information security and risk, data governance, supplier management, and product/portfolio managers.
Represent privacy as the first-line of defense (FLOD) in working groups and business conversations.
Understand and promote our internal privacy policies, standards, and resources. Socialize privacy reports to key stakeholders.
Assess privacy reports for growth and risk mitigation opportunities.
[+All business units and HR]
Incident Breach Management
Educate the business on reporting privacy incidents.
Monitor and ensure consistent and through incident reporting.
Oversee business's privacy incident management process: review, research, documentation, escalation, and remediation of each incident.
Continuously monitor root cause trends and other incident data to discover opportunities for proactive risk mitigation.
On-going Commitments
Privacy Contacts are required to:
Attend monthly privacy contact meeting and any ad hoc trainings.
Complete any assigned privacy-related training.
Participate in privacy contact on-boarding training.
Seek out a minimum of 4 online industry trainings or educational opportunities to further privacy knowledge.
Share privacy information and updates with key contacts within the business area.