Operations Data Privacy Lead

Schneider Electric has a hybrid opportunity for an Operations Data Privacy Lead in the following hub locations: Franklin, TN; Boston, MA or Foxboro, MA.

In this role you will be responsible for the implementation of data privacy compliance across North America.

You will support teams within their scope in meeting regulatory requirements, fosters a culture of privacy and protection, and support the practical application of privacy controls reflecting the Data Risk Assurance Framework & relevant SE policies, including Binding Corporate Rules.

This role's key responsibilities include support to operational implementation, incident response & training.

The Privacy Lead also serves as the primary point of contact for local Data Protection Authorities.

Key Responsibilities:

Regulatory Compliance Leadership


* Advise on/monitor how to achieve operational compliance with data protection laws and internal privacy policies within the assigned country, business unit, or function on (i) day to day matters and (ii) compliance organization and processes.


* Support the execution of the Data Risk Assurance Framework using company tools, templates, and guidelines.


* Perform regular compliance audits.

Data Risk Assurance Framework Implementation


* Build and execute a data risk assurance action plan using the centrally provided Data Risk Assurance Framework.


* Maintain a processing register - using Company centrally provided tools and processes - to inventory data processing activities within their scope.


* Promote and support the digital certification of all digital assets within their scope.


* Ensure Data Protection Impact Assessments (DPIAs) are triggered and reviewed as required.


* Ensure all vendors go through privacy due diligence and have a signed Data Protection Addendum, per company process.

Training & Awareness


* Reduce potential risk exposure for the company by promoting a culture of data protection through awareness campaigns and training sessions.


* Provide guidance to employees on their privacy responsibilities and best practices.

Privacy Incident Management


* Report privacy incidents; Document and lead, from a data privacy perspective, the investigation and assessment of privacy incidents following the Cyber Incident process.


* Promote that all privacy incidents are reported via the Cyber Incident process.


* Ensure awareness of the data privacy incident process within their scope.


* Maintain a register of privacy incidents.

Governance & Reporting


* Establish and maintain privacy governance structures, including steering committees, annual action plan and actions/risk reporting mechanisms within their scope and to the central team.


* Collaborate with the Privacy Governance Leader in the Group Data Protection Office to ensure alignment with group policies & local privacy regulations.


* Monitor and report on privacy compliance using KPIs, KRIs, maturity assessm...