Chief Privacy Officer (CPO) supports and monitors privacy compliance across the company and monitors agents’ compliance with their data privacy and safeguarding obligations. The CPO oversees all ongoing activities related to the development, implementation, maintenance of; and adherence to the organization’s policies and procedures covering the privacy of; and access to, data privacy in compliance with federal and state laws and MoneyGram International’s information privacy practices.
JOB DUTIES/ACCOUNTABILITIES :
In order of importance, describe up to 6 of the primary duties the incumbent will be required to perform on a consistent and ongoing basis.
1. Privacy compliance monitoring across company and agents
- Analyze, maintain and update existing policies and procedures to ensure compliance with current laws and regulations.
- Prepare for privacy audits and manage execution of audits in conjunction with internal audit function.
- Research changes in privacy laws and regulations and recommend new policies and procedures as necessary.
- Participate in the development, implementation and ongoing compliance monitoring by the business and technology areas to ensure privacy program and policy requirements are metMonitor US- EU Safe Harbor compliance; manage the annual US- EU Safe Harbor certification process.
- Participate in the development, implementation and ongoing compliance monitoring of third party agents to ensure privacy program and policy requirements are met and contract obligations are honored.
- Develop and implement weekly, monthly, quarterly metrics and reporting of compliance with privacy requirements in a timely, informative and accurate manner.
- Assists international legal staff with registration required under various international data protection laws.
- Collaborates with regulatory staff to respond to government licensing reviews as to privacy matters.
2. Privacy Impact Assessment
- Manages the privacy impact assessment process, which is a process to review privacy impacts of various company initiatives and works collaboratively with other departments to mitigate privacy risks.
- Participates in new business initiatives and product development activities to identify and escalate privacy considerations.
- Collaborates with Information Security on the security risk assessment process to address privacy compliance and risk mitigation.
3. Personal Data Inventory & Usage
- Facilitates the assessment of company personable data collection sharing and use practices including inventory and mapping of data.
- Monitors the data request and usage processes and cross border data transfer matters for personal data across the company.
- Establishes with information security and other staff, mechanisms to track and report upon data usage and sharing.
- Continually updates and re-evaluates the extent to which customer and employee information is collected and shared internally and externally.
4. Information Technology
- Works closely with the technology services teams to anticipate potential privacy problems embedded in the use of emerging technologies.
- Identify privacy requirements for technology driven projects,
- Reviews all system-related information security plans throughout the organization’s network to ensure alignment between security and privacy practices.
- Develop effective internal and external privacy communication including training programs regarding privacy compliance as needed.
- Responsible for privacy & security training programs and conduct privacy training across enterprise.
Skills and Experience Required:
Years of Experience:
- Bachelors Degree required;
- CIPP(Certified Information Privacy Professional) certification (highly preferred)
- Minimum of 7-10 years experience in privacy, compliance or risk management experience in a corporate setting required.
- Minimum of 10 years experience in financial services, preferably in business process operations
- Knowledge of US state and federal privacy laws, regulations and industry best practices ; (required)
- Knowledge of global privacy trends and legal obligations (required)
- Demonstrated ability to identify and analyze issues, and think critically to resolve problems (required)
- Ability to form solid assumptions and formulate decisions and recommendations from diverse facts and information (required)
- Proven ability to work effectively and efficiently both individually and in a team environment (required)
- Demonstrated success in working cross-organizationally to achieve desired outcomes (required)
- Comfortable and adept in dealing with ambiguity (required)
- Strong project management experience and skills (required)
- Ability to collaborate and influence internal executive management and external stakeholders.
- Proven ability to communicate effectively, clearly and concisely. Able to appropriately tailor communications to the size and nature of the audience, including business and senior management, and other internal and external business contacts regarding difficult and complex issues. (required)
- Demonstrated ability to operate in a fast complex environment that is changing (required)
- Motivated self starter with demonstrated ability to effectively handle multiple priorities and tasks simultaneously (required)
- Previous experience developing and managing integrated business processes related to privacy issues (preferred)
- 10% travel required domestically and internationally
MoneyGram - 21 months ago