Data Privacy and Information Governance Officer Job at Debevoise & Plimpton, New York, NY

bjFZUDZwRzVQdUozOUlnUmY5Z0xZMHdYOHc9PQ==
  • Debevoise & Plimpton
  • New York, NY

Job Description

DATA PRIVACY AND INFORMATION GOVERNANCE OFFICER

General Counsel’s Office

Debevoise & Plimpton LLP is a premier law firm with market-leading practices, a global perspective and strong New York roots. Our clients look to us to bring a distinctively high degree of quality, intensity and creativity to resolve legal challenges effectively and cost efficiently. We believe in hiring talented and dedicated individuals as members of our administrative community. We draw on the strength of our culture and structure to deliver the best of our Firm to our lawyers and clients through true collaboration.

The Firm is seeking a full time Data Privacy and Information Governance Officer to join the Office of General Counsel. As a member of the Office of General Counsel, the Data Privacy and Information Governance Officer will oversee the firm’s data privacy compliance efforts, and the ongoing development and implementation of our information governance program that manages digital and hard copy data in accordance with applicable laws, client contractual requirements and internal guidelines across the firm’s U.S. and global offices.

The individual in this role will report to the firm’s Office of General Counsel and Chief Information Officer. This position may be located in New York City or London, with travel to the firm’s various office locations as required.

Responsibilities include but are not limited to:

Data Privacy

  • Advising on applicable national, state and local data privacy laws and regulations, including the EU General Data Protection Regulation (“GDPR”), UK GDPR, HIPAA, California Consumer Privacy Act and other state laws, and monitoring for updates to regulatory guidance and statutory and case law developments in the areas of data privacy and data protection laws.
  • Overseeing the firm’s compliance with applicable data privacy laws and regulations in its global operations, including development and oversight of necessary processes, procedures and documentation.
  • Working with the firm’s designated Data Privacy Officers (“DPOs”) in jurisdictions where they are required to be appointed.
  • Conducting data privacy impact assessments and transfer impact assessments as needed.
  • Reviewing and negotiating data processing agreements and Standard Contractual Clauses in connection with vendor engagements.
  • Managing responses to data subject access, rectification and erasure requests.
  • Updating relevant policies and notices addressing data privacy issues for the firm.
  • Providing input and guidance as requested on related business functions, including but not limited to cyber insurance procurement, vendor management, and information systems design.
  • Providing training to firm personnel on data privacy laws and compliance.
  • Assisting with incident response and notifications in the event of a data breach.

Information Governance

  • Overseeing the ongoing development and implementation of an information governance program that addresses client and administrative data across all repositories, focusing on risk management, retention, destruction programs and compliance.
  • Working closely with the Information Services Department in designing information governance protocols in connection with increasing adoption of SaaS and GenAI tools.
  • Working closely with the Records Services Manager in ensuring information governance protocols are implemented and maintained.
  • Reviewing and updating firm document retention guidelines to ensure consistency with applicable laws and regulations.
  • Leading initiatives to drive change in practice groups and administrative teams to encourage the adoption of electronic recordkeeping practices.
  • Providing training to firm personnel on information governance protocols and compliance.
  • Overseeing file transfers for lateral attorneys.
  • Ensuring departing personnel comply with filing expectations prior to departure.

Requirements:

  • Seven years of data privacy and information governance experience.
  • J.D. from an accredited law school and admission to practice in New York or California, or qualification as a solicitor in England if the position will sit in London, is required.
  • Ability to work proactively, independently and reliably under tight timeframes in a fast-paced environment.
  • Ability to work effectively and collaboratively as part of a team as well as cross-functionally across the Office of the General Counsel, Information Services, Legal Support Services, Records Services and Technology Risk & Compliance.
  • Excellent judgment and ability to weigh risks, develop reasoned recommendations, including risk mitigation strategies, and to provide sound advice.
  • Excellent oral and written communication skills, including the ability to communicate independently and confidently with senior lawyers and other professional management.
  • Comfort implementing new programs and procedures and challenging current processes.
  • Strong analytical capabilities and judgment.
  • Strong project management skills.
  • Excellent training and presentation skills.

Preferred Qualifications:

  • Prior experience working at a law firm is a significant plus.
  • CIPP certification.
  • Strong familiarity with Microsoft M365 and commercial document management and records systems.
  • Experience leading change and managing large scale projects across a global organization.

TO APPLY:

A resume and cover letter/cover email are required to apply for this position. Please tell us where you saw this position posted. Send required materials to:

Human Resources

Taria Yarborough

HR Generalist

[email protected]

Debevoise & Plimpton LLP is an equal opportunity employer. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or any other legally protected category in accordance with U.S. law.

Job Tags

Full time, Local area,

Similar Jobs

Davis Polk & Wardwell LLP

Assistant, Digital Marketing Job at Davis Polk & Wardwell LLP

 ...campaigns, and the external website, providing essential user training and support while also delivering actionable reports. The Assistant, Digital Marketing provides essential support to the Digital Marketing team, focusing on end-to-end distribution of thought... 

Talent Groups

E Treasury platform Test Specialist Job at Talent Groups

E Treasury platform Test Specialist - Mt Laurel NJ Subject Matter Expert in US Corporate Banking and etreasury and payments Universal Online Banker (UOB) Application. Data analysis, Data migration, SQL is a big plus

Blake & Pendleton Inc.

Install-General Laborer-Level 1 Job at Blake & Pendleton Inc.

 ...Compression Mechanical, a Blake & Pendleton, Inc. subsidiary, is looking for entry-level Install -General Laborer-Level 1 techs to join our team. A general laborer assists in a variety of construction, maintenance, and repair tasks requiring no knowledge and skills,... 

SBT

Director, Manufacturing Operations (Silicon) Job at SBT

 ...recruiting firm for this confidential position. This confidential company is seeking a Director of Operations to scale and optimize business and technology operations. The ideal candidate will bring a strong foundation in silicon hardware and semiconductor manufacturing,... 

NJ Sports Spine & Wellness

Patient Care Coordinator Job at NJ Sports Spine & Wellness

 ...Part-Time Patient Care Coordinator Be the Heart of Our Patient Experience! &##127775; Are you looking for an exciting entry-level role...  ...walk inwarm greetings and a welcoming attitude are a must! Assist with patient check-in and check-out, ensuring a seamless and stress...