Senior Data Privacy Specialist

Our client, a boutique US litigation firm, is seeking an experienced Senior Data Privacy Specialist to lead its global privacy program. This role will oversee global data privacy-related matters, advise on privacy aspects on handling of client data, formulate legal and regulatory strategies, and advise on solutions to mitigate privacy-related risk issues. This role will also be responsible for monitoring the progress of privacy laws and regulations, and work with the appropriate internal and external business teams in response to enquiries by regulatory agencies. The position will be based in the London office and serve as the Firm's data privacy lead.

‪Key responsibilities for the Senior Data Privacy Specialist will include:

• Oversee privacy risk reviews and impact assessments for complex applications/initiatives going through risk review processes, focusing on obligations under relevant International privacy regulations (GDPR, Privacy Shield, APEC, HIPPAA and other global privacy laws and regulations.), as well as client expectations, contributing to the mitigation of legal, financial and reputational risks to the Firm from the potential loss of client information.
• Implement engagement Information Protection Plans, including defining information handling requirements, controls and processes.
• Maintain compliance with data privacy regulations.
• Manage annual privacy self-assessment across all functions in support of firm's Privacy obligations.
• ‪Build and maintain an in-depth understanding of the firm's technical infrastructure and operational processes in relation to the processing of personal data.
• ‪Undertake regular reviews of these operation processes to ensure that the controls in place are still effective.
• Contribute as a subject matter expert on data privacy to support internal functions as well as client, vendor and partnership agreements.
• ‪Monitor the data request and usage processes and cross-border data transfer matters for personal data across the Firm.
• Oversee and conduct regular privacy impact assessments of operational processes, identifying, and mitigating privacy risks across the Firm through effective tools, training and guidance to ensure that new products and services respect individuals' right to privacy and data protection.
• Maintain ongoing and current knowledge of evolving global data protection and privacy legislation and laws.
• ‪Administer operational activities related to regulatory requirements such as Data Mapping, Data Protection Impact Assessments, and Processing Records.
• Collaborate with information security and case teams on data privacy matters.
• Educate and build privacy awareness within the Firm.

‪The ideal candidate for the Senior Data Privacy Specialist position will have solid experience within compliance, privacy or a related field. You must have extensive knowledge of privacy regulations within the US, Europe and Asia including, but not limited to, GDPR. You must have the Certified Information Privacy Professional (CIPP) or Certified Information Privacy Management (CIPM). Certification from the International Association of Privacy Professionals (IAPP) is required and Certified Information Privacy Technologist (CIPT) is a plus.