S&T Bank - Cuyahoga Falls, OH
posted 5 months ago
The Privacy Office within Compliance Risk Management is responsible for managing the day-to-day activities related to data privacy compliance within the Bank. This role is crucial in driving the strategy for compliance with existing and new laws and regulations. The individual in this position will develop cross-functional business relationships and foster a strong risk management culture throughout the organization. This includes collaborating on strategies for data privacy compliance, providing guidance and expertise to all lines of business, and supporting response efforts related to privacy incidents. The Data Privacy Program will be managed by identifying, evaluating, and mitigating privacy-related risks. This involves developing privacy-related processes, policies, and procedures, as well as providing privacy guidance to various business lines. The position also entails assisting with product/service/vendor risk assessments, responding to data privacy-related consumer complaints, and conducting root cause analysis. The individual will maintain an in-depth knowledge of federal and state laws and regulations related to data privacy and consumer protection. They will be responsible for understanding S&T's Consumer Compliance Program, policies, procedures, and processes. Communication of issues related to business operations, regulatory developments, and emerging risk issues will be essential. The role requires collaboration with other operational lines, including the Information Security department, to ensure compliance with federal privacy breach notification requirements. Additionally, the position involves preparing reports and providing updates to the Compliance Committee and the Data Governance Council as requested. The individual will be expected to obtain and maintain designations such as Certified Information Privacy Professional (CIPP) or Certified Information Privacy Manager (CIPM). They will support the Chief Privacy Officer in designing and maintaining a risk-based consumer compliance data privacy program and will be responsible for suggesting continuous improvements. Ensuring that departmental procedures are maintained and assisting with corporate compliance policy review and development will also be part of the role. Collaboration with business lines to assess privacy-related controls for compliance with applicable laws and regulations is critical, as is providing credible review and challenge of the first line of defense controls. The individual will assist in developing and updating privacy-related compliance training modules, completing product/service/vendor compliance risk assessments, and responding to consumer complaints related to privacy concerns. They will work with Marketing to ensure the Bank's Privacy Notices are updated as necessary and assist with Privacy Assurance Reviews. The management of the Data Privacy Manager system, including ensuring data maps are updated and correct, reviewing consumer requests for compliance requirements, and tracking each consumer request from intake to closure, will also be part of the responsibilities. Maintaining a good working relationship with all S&T employees is essential for success in this role.