Privacy Director jobs in the United States

The Utah Department of Government Operations is seeking a highly qualified and experienced individual to fill the position of Data Privacy Director. This leadership role will be responsible for developing and implementing comprehensive privacy policies, and procedures in alignment with state and federal regulations, with a specific focus on Utah's Government Data Privacy Act (GDPA) and Government Records Access and Management Act (GRAMA). The Data Privacy Director will coordinate with DGO division privacy officers, Chief Administrative Officers and Records Officers to provide guidance and support on privacy matters, assist in maturing privacy programs and ensure ongoing compliance with privacy laws and regulations.

• Develop and implement comprehensive privacy policies and procedures in alignment with state and federal regulations, with a focus on Utah's GDPA and GRAMA.
• Coordinate a team of privacy officers, CAOs and appointed records officers providing guidance, mentorship, and performance management support.
• Conduct privacy impact assessments, audits, and gap analysis to identify potential risks and vulnerabilities and develop mitigation plans.
• Create or update records series descriptions, proposed retention schedules, and record series annotations to ensure compliance with record retention and disposition requirements.
• Serve as the primary point of contact for privacy-related inquiries, requests, and incidents, ensuring timely and appropriate responses.
• Collaborate with executive leadership, legal counsel, IT, and other stakeholders to integrate privacy considerations into organizational decision-making processes.
• Oversee the delivery of privacy training and awareness programs for employees at all levels of the organization.
• Monitor and analyze emerging privacy laws, regulations, and best practices to ensure ongoing compliance and inform strategic initiatives.
• Manage and facilitate the resolution of privacy-related complaints and investigations in accordance with established policies and procedures.
• Draft, review, and/or approve privacy-related documentation, including notices, consent forms, agreements, and policies to ensure accuracy and compliance.
• Drive continuous improvement of privacy programs through the evaluation of processes, technologies, and resources.
• Coordinate with relevant departments and agencies to ensure timely and accurate reporting of data breaches as required by law.
• Prepare and provide data breach notices to affected individuals or their legal guardians, ensuring compliance with notification requirements.
• Stay abreast of emerging privacy laws, regulations, and best practices to proactively identify and address potential compliance challenges.
• Prepare and submit annual reports on data sharing or selling activities to the chief privacy officer, as applicable.
• Manage personal data collection notices and amendment/correction requests in accordance with applicable laws and regulations.

• A minimum of 5-7 years of experience in privacy, compliance, or a related field.
• A minimum of 5-7 years of experience in a leadership or managerial role.
• Experience in conducting privacy impact assessments and managing privacy incidents and investigations.
• Advanced knowledge of privacy laws, regulations, and frameworks, with expertise in Utah's GDPA and GRAMA.
• Completion and active holder of Utah Records Management training and certification.
• Relevant professional certification (e.g., CIPP, CIPM) required.
• Expert level knowledge of agency-specific privacy regulations and requirements.
• Strong leadership and people management skills.
• Excellent communication and interpersonal skills.
• Proven strategic thinking and problem-solving abilities.
• Advanced proficiency in Google Workspace, Microsoft Office Suite, and other relevant software applications.
• Proficiency in project management principles and practices.

• Risks found in typical office setting which is adequately lighted, heated and ventilated, e.g., safe use of office equipment, avoiding trips and falls, observing fire regulations, etc
• Typically, the employee may sit comfortably to perform the work; however there may be some walking, standing, bending, carrying light items, driving an automobile, etc. Special physical demands are not required to perform the work.
• The employee hired into this role will be required to complete a Disclosure Statement, and successfully pass a background check.
• DHRM rules will apply for promotions or transfers of current employees.