Senior Director, Chief Privacy Officer
Lead privacy compliance efforts for Bank/Upromise, responsible for the implementation and oversight of the Privacy Compliance Program (2nd Line) including execution of quarterly/annual risk assessments and mitigation across lines of business (1st Line) partnering with Internal Audit (3rd Line) resulting in increased transparency and reporting to Executive Leadership. Maintain relationships throughout entities enabling assessment/resolution of privacy issues. Key business partners include Legal, InfoSec, LOB, Product Development and Vendor Risk Management.
- Chair Privacy Council authorizing data sharing activities affiliated/unaffiliated third parties), determination of data-governance requirements including tracking/reporting to management.
- SME providing guidance on all matters associated with privacy-by-design, contractual relationships, outsourcing, off-shoring, technology impacts, business initiatives and internal audits/regulatory examinations (FDIC/CFPB).
- Oversee enterprise-wide privacy/cybersecurity incident response program, ensure reporting of issues into system of record, research requirements, partner with committee members ensuring the investigation is conducted and all required notifications are made (customer, law enforcement and regulatory authorities).
- Advise on compliance testing/monitoring and training requirements ensuring appropriate control environment along with development of mitigation strategies and delivery of reporting to management committees.
- Monitor regulatory changes/emerging risk advising of impact/policy requirements to drive enhancement for compliance with laws/regulations, industry best practices. Provide metric reporting for senior management committees.
- Established highly visible role interacting with employees at all levels providing education/guidance on all privacy matters. Enhance Bank’s reputation and visibility through participation with industry organizations and events (IAPP and SCCE), external auditors and regulatory agencies.