Data Privacy Manager

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee the daily operations of the enterprise privacy program for FUJIFILM Holdings America Corporation and its subsidiaries.

• Serve as a primary subject matter expert and advisor to Fujifilm business teams on data privacy and protection practices, offering practical, timely, and strategic advice on data protection requirements.

• Assist in translating legal and regulatory obligations into actionable policies, procedures, and controls while collaborating with cross-functional stakeholders to ensure privacy requirements are comprehended, implemented, and consistently applied throughout the organization.

• Direct data mapping initiatives for FUJIFILM Holdings America Corporation and its subsidiaries.

• This involves ensuring the precision and completeness of both new and existing data inventories and data flow maps, reflecting organizational systems, vendors, processing purposes, and business operations.

• Create, update, and maintain policies, procedures, standards, and guidelines related to privacy and data protection.

• Provide expertise and guidance on privacy and data protection laws and requirements, including U.S. state privacy laws, Canadian privacy laws, HIPAA, CAN-SPAM, TCPA, and CASL.

• Perform privacy risk assessments, identify potential privacy risks and vulnerabilities, and develop action plans to address those risks.

• Assist with privacy impact assessments (PIAs/DPIAs), vendor risk reviews, and internal assessments using current data mapping and inventory information, in collaboration with the Data Governance Manager as necessary.

• Support a variety of business lines, including manufacturing and healthcare on a global scale.

• Aid in the development and management of privacy training and awareness initiatives to inform employees about privacy obligations, appropriate data handling, and regulatory requirements.

• Work closely with the information security team to ensure alignment of security and privacy concerns.

• Facilitate ongoing privacy compliance monitoring activities to ensure all privacy concerns, requirements, and responsibilities are effectively addressed.

• Collaborate with Legal, IT, HR, Marketing, and other stakeholders to incorporate privacy by design and data protection controls into business processes and technology initiatives.

• Advise subsidiaries and business leadership on privacy and data protection requirements, risk mitigation strategies, and best practices.

• Stay updated on developments in privacy and data protection legislation, regulatory guidance, and enforcement trends.

• Assist with the organization’s individual rights request (data subject request) process, including intake, assessment, coordination of responses, and timely fulfillment in accordance with relevant privacy laws.

• Work closely with colleagues in Legal, IT, HR, Finance, and other core functions to manage privacy and data governance issues through appropriate channels for investigation, remediation, and reporting.

• Help prepare management reports for FUJIFILM Holdings, subsidiary management, and Privacy leadership on privacy operations, data mapping status, risks, metrics, and emerging issues.

• Support privacy due diligence activities for mergers, acquisitions, and organizational changes, including data mapping and risk assessments.

• Contribute to the organization’s AI governance and responsible use framework, ensuring alignment with applicable privacy, data protection, and ethical use standards, while monitoring emerging AI-related privacy and data protection regulatory developments (e.g., U.S. state laws, GDPR adjacent obligations) and escalating impacts to leadership as necessary.

• Collaborate with Legal, IT, and business stakeholders to evaluate privacy risks associated with AI and automated decision-making systems.

• Assist the Privacy Officer and Data Governance Director in the development, maintenance, and reporting of privacy program metrics and key performance indicators (KPIs) to demonstrate program maturity, compliance posture, and operational effectiveness.

• Create regular privacy reporting dashboards and management reports covering essential privacy topics.

• Support Fujifilm’s incident and breach response program, ensuring timely intake, assessment, escalation, and resolution of security and privacy incidents.

• Act as a key participant in incident response activities, collaborating with Legal, IT, and business stakeholders to evaluate privacy impact and determine regulatory, contractual, and notification obligations.

• Assist with HIPAA Privacy compliance obligations, as applicable, including incident response and regulatory alignment.

• Support consent management practices.

• Aid in the maintenance of the Document Retention Policy and related initiatives.

• Assist in the development and execution of third-party risk management assessments.

• Keep current knowledge of all relevant federal (including but not limited to HIPAA), state, and international privacy laws applicable to our businesses.

• Assist the Privacy Officer and Data Governance Director as necessary with any federal, state, and international regulators during privacy reviews or investigations.

• Support the preparation and coordination of Data Governance Committee presentations.

• Perform other duties as assigned.

⛳️ Requirements

• Bachelor’s degree is required.

• Industry-recognized privacy certification (CIPP/US, CIPP/C, CIPM, CIPP/E, AIGP, etc.) is required.

• A minimum of 6–8 years of progressive privacy experience in a highly regulated industry.

• Experience in managing or maintaining enterprise data inventories and data maps.

• Knowledge and experience with U.S. state privacy laws, Canadian privacy laws, HIPAA, GDPR, and marketing privacy regulations, including CAN-SPAM, TCPA, and CASL.

• Proficiency in assessing compliance risks related to data protection and identifying and advising on practical, compliant strategies to mitigate those risks.

• Experience with data loss prevention and cybersecurity events, including an understanding of forensic investigations, breach notification, and cybersecurity preparedness.

• Experience in managing privacy and/or cybersecurity incident response.

• Ability to interpret and apply relevant data privacy laws and regulations.

• Experience in developing, initiating, maintaining, and revising privacy and data protection policies and procedures.

• Strong project management skills, including the ability to manage and prioritize multiple concurrent initiatives in a fast-paced environment.

• Results-driven, with a keen attention to detail and a commitment to implementing best practices.

🏝️ Benefits

• Medical, Dental, Vision

• Life Insurance

• 401k

• Paid Time Off