Vice President Global Compliance amp Ethics And Privacy Officer

Profile

Vice President, Global Compliance & Ethics and Privacy Officer
Duties: Leads the resolution of complex legal issues affecting strategic initiatives within the business, collaborating with functional teams as appropriate. Instrumental in the development and execution of department goals and objectives in the areas of C&E and Privacy in support of company strategy. Acts as an escalation point and decision-maker on behalf of Legal for complex C&E and Privacy issues as a leader within the department. Escalates to the Chief Legal Officer as appropriate. Advises management on compliance trends and proposes direction for the company. Develops Board level reports. Creates and manages effective action plans in response to audit discoveries and compliance violations. Audits company procedures and practices to identify possible weaknesses or risks. Assesses company operations to determine legal compliance and privacy risk. Represents the organization with respect to Corporate Compliance/Privacy/Data Protection, in collaboration with external counsel as needed, with external parties and/or regulatory authorities. Manages and cooperates with regulators and/or other legal entities in any compliance reviews or investigations. Performs or oversees periodic compliance and privacy risk assessments/analyses, mitigation and remediation. Develops strategic program plan and executes on plans. Develops and manages company policies and associated processes and guidance materials. Develops and delivers training. Facilitates and promotes activities to foster corporate compliance and information privacy awareness within the organization. Develops appropriate program-related metrics and tracks to assess trends. Conducts program monitoring activities in coordination with the organization's other compliance and operational assessment functions. Maintains awareness of US and ex-US compliance and privacy laws/regulations to support the organization. Designs, implements and manages a strategic, risk-based and effective legal C&E program and Privacy program. Develops and manages a compliance-related third party due diligence program in support of with vendor qualification and management. Manages the ethics hotline, conducts compliance-related investigations, and manages cases and follow through on corrective actions. Designs, implements and manages a strategic, risk-based and effective HIPAA privacy program and ex-US privacy program. Ensures privacy forms, notices, policies, standards, and procedures are up-to-date. Collaborates with the information security officer to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department. Implements and manages a process for receiving, documenting, tracking, investigating and acting on internal and external privacy and data protection requests (e.g., changes to/deletion of information from systems) and complaints. Takes a lead role to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements. Develops and manages a privacy-related third party due diligence program in support of with vendor qualification and management. Manages all required breach determination and notification processes under HIPAA, GDPR, and other US or ex-US requirements. Establishes and administers a process for investigating and acting on privacy and security complaints. Maintains a log of incidents of remedial actions. Serves as the organization’s Data Protection Officer (DPO) in jurisdictions/regions where such a role is required by applicable law/regulation.

Company info

Sign Up Now - EmploymentCrossing.com