This lawyer oversees ongoing activities related to the development, implementation, maintenance of; and adherence to the organization's policies and procedures covering the privacy of; and access to, protected personal data information in compliance with applicable privacy laws and the company's information privacy practices; as well as lead the global development and implementation of the Company's GDPR policies and procedures. The role oversees privacy for operations globally and works in cooperation with privacy professionals in all other countries where the Company has operations. This lawyer will also manage a staff of one other junior attorney and a paralegal that draft and negotiate a broad range of commercial agreements with a focus on IT and telecommunications. This lawyer will also do the same, when not handling privacy matters. Essential Duties and Responsibilities:
- Serves in a leadership role for global development guidance in the identification, implementation, and maintenance of organization information privacy policies and procedures in coordination with organization management, compliance and legal; including among other things, the assessment, development and implementation of a plan related to new GDPR requirements.
- Performs initial and periodic information privacy risk assessments and conducts related ongoing compliance monitoring activities in coordination with the Company's other compliance and operational assessment functions.
- Works with management, key departments, and committees to ensure the organization has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.
- Ensures delivery of privacy training to all employees and other appropriate third parties.
- Participates in the development, implementation, and ongoing compliance monitoring of all third party agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed, including participation in all acquisitions and divestitures providing counseling on privacy matters related to such transactions.
- Establishes with management, information technology and information security mechanisms to track access to protected personal data within the purview of the organization and as required by law and to allow qualified individuals to review or receive a report on such activity.
- Works cooperatively with applicable organization business units in overseeing customer and employee rights to inspect, amend, and restrict access to protected personal data when appropriate.
- Works with Corporate Security and other similar corporate functions including legal to ensure adequate processes for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization's privacy policies and procedures.
- In cooperation with Human Resources and Legal, ensures appropriate disciplinary actions for failure to comply with privacy policies for all individuals in the organization's workforce, extended workforce, and for all third parties.
- Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.
- Works in conjunction with Information Security to review all system-related information security plans to ensure alignment between security and privacy practices, and acts as a liaison to the information security department.
- Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.
- Works with organization administration, legal counsel, and other related parties to represent the organization's information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard; and participate/lead investigations regarding privacy issues.
- Assist in the development of and support the Company's business strategies, goals and objectives, by serving as a true business partner, balancing risks appropriately against business objectives, and discerning issues of real importance from minor ones.
- Always work and set a tone of unwavering dedication to the highest of ethical standards in compliance with both the letter and spirit of the Company's Code of Business Conduct.
(may vary by level)
- JD Degree and admitted to practice law by the bar of at least one State in the United States of America.
- Minimum of 10 years practice in a corporation or law office; with some of those years of practice including handling complex negotiations and transactions.
- Certification from IAPP/US with education and experience relative to the size and scope of the organization.
Required Knowledge, Skills and Abilities
- Knowledge and experience in GDPR preparations, information privacy laws, access, release of information, and release control technologies.
- Experience working with in-house and outside advisors on the development, systems assessments, and implementation of policies and procedures related to GDPR.
- A high level of integrity and trust.
- Demonstrated organization, communication, and presentation skills.
- Must be proficient in Microsoft Office applications.
Minimal travel may be required.
Get your GO on and apply now! Avis Budget is an Equal Opportunity employer - Veterans/Disabled and other protected categories
The information listed above is intended to describe the general nature and level of this position. Essential functions and responsibilities may change as business needs require. Your response to this advertisement may result in your consideration for employment with an affiliated company of Avis Budget Group, the publicly traded parent company of Avis Budget Car Rental, LLC and its subsidiaries. Offers of employment will be made by Avis Budget Car Rental, LLC or any of its employing companies or brands, including Avis, Budget, Budget Truck or AB Car Rental Services.