Data Privacy Manager

About The Position

Requirements

• Bachelor’s degree required.
• Required industry privacy certification (CIPP/US, CIPP/C, CIPM, CIPP/E, AIGP, etc.).
• Minimum of 6–8 years of progressive privacy experience in a highly regulated industry.
• Experience managing or maintaining enterprise data inventories and data maps.
• Knowledge and experience in U.S. state privacy laws, Canadian privacy laws, HIPAA, GDPR and marketing privacy regulations, including CAN‑SPAM, TCPA, and CASL.
• Experience assessing compliance risks related to data protection, and identifying and advising practical, compliant ways to mitigate those risks.
• Experience with data loss prevention and cybersecurity events, including an understanding of forensic investigations, breach notification, and cybersecurity preparedness.
• Experience managing privacy and/or cybersecurity incident response.
• Ability to interpret and apply applicable data privacy laws and regulations.
• Experience developing, initiating, maintaining, and revising privacy and data protection policies and procedures.
• Strong project management skills, including managing and prioritizing multiple concurrent initiatives in a changing and fast-paced environment.
• Results‑driven, with strong attention to detail and a commitment to driving best practices.
• Experience evaluating privacy risks and implementing corrective actions.
• Excellent verbal and written communication skills.
• Proficient in common business tools (e.g., Excel, PowerPoint, Power BI) and privacy management or GRC platforms. Experience with OneTrust a plus.
• An excellent business partner skilled at balancing risk and opportunity, thinks creatively and enables the business to make smart decisions.
• Ability to advise, influence, and collaborate with colleagues, management, and business stakeholders on privacy matters.
• Strong organizational and teamwork skills, paired with a strong work ethic, effective prioritization, initiative, and the ability to lead projects independently and collaboratively.

Nice To Haves

• Strong ability to build effective relationships across the organization.
• Excellent presentation skills.
• Strong analytical skills and diligence.
• Operates with integrity.

Responsibilities

• Manage the day-to-day operations of the enterprise privacy program across FUJIFILM Holdings America Corporation and its subsidiaries.
• Act as a key subject matter expert and advisor to Fujifilm business teams on data privacy and protection practices by providing practical, timely, and strategic guidance on data protection requirements.
• Supports the translation of legal and regulatory obligations into actionable policies, procedures, and controls, and partners with cross‑functional stakeholders to ensure privacy requirements are understood, implemented, and consistently applied across the organization.
• Manage data mapping efforts for FUJIFILM Holdings America Corporation and its subsidiaries. This includes ensuring the accuracy and completeness of new and previously completed data inventories and data flow maps, to reflect organizational systems, vendors, processing purposes, and business operations.
• Draft, update, and maintain privacy and data protection related policies, procedures, standards, and guidelines.
• Provide subject matter expertise and guidance on privacy and data protection laws and requirements, including U.S. state privacy laws, Canadian privacy laws, HIPAA, CAN‑SPAM, TCPA, and CASL.
• Conduct privacy risk assessments, identify potential areas of privacy risk and vulnerability, and develop action plans to mitigate risks.
• Support privacy impact assessments (PIAs/DPIAs), vendor risk reviews, and internal assessments using current data mapping and inventory information, collaborating with Data Governance Manager, as necessary.
• Support diverse business lines, including manufacturing and healthcare on a global scale.
• Support the development and management of privacy training and awareness initiatives to educate employees on privacy obligations, appropriate data handling, and regulatory requirements.
• Collaborate with information security team to ensure that security and privacy concerns are aligned.
• Support ongoing privacy compliance monitoring activities to ensure all privacy concerns, requirements, and responsibilities are addressed.
• Partner with Legal, IT, HR, Marketing, and other stakeholders to integrate privacy by design and data protection controls into business processes and technology initiatives.
• Advise subsidiaries and business leadership on privacy and data protection requirements, risk mitigation strategies, and best practices.
• Keep abreast of privacy and data protection legislative developments, regulatory guidance, and enforcement trends.
• Support the organization’s individual rights request (data subject request) process, including intake, assessment, coordination of responses, and timely fulfillment in accordance with applicable privacy laws.
• Collaborate closely with colleagues in Legal, IT, HR, Finance, and other core functions to direct privacy and data governance issues through the appropriate channels for investigation, remediation, and reporting.
• Assist in the preparation of management reports to FUJIFILM Holdings, subsidiary management, and Privacy leadership on privacy operations, data mapping status, risks, metrics, and emerging issues.
• Support privacy due diligence activities for mergers, acquisitions, and organizational changes, including data mapping and risk assessments.
• Support the organization’s AI governance and responsible use framework, ensuring alignment with applicable privacy, data protection, and ethical use standards, while monitoring emerging AI related privacy and data protection regulatory developments (e.g., U.S. state laws, GDPR adjacent obligations) and escalate impacts to leadership as needed.
• Partner with Legal, IT, and business stakeholders to assess privacy risks associated with AI and automated decision-making systems.
• Assist the Privacy Officer and Data Governance Director with the development, maintenance, and reporting of privacy program metrics and key performance indicators (KPIs) to demonstrate program maturity, compliance posture, and operational effectiveness.
• Prepare regular privacy reporting dashboards and management reports covering critical privacy topics.
• Support the Fujifilm’s incident and breach response program, ensuring timely intake, assessment, escalation, and resolution of security and privacy incidents.
• Serve as a key participant in incident response activities, partnering with Legal, IT, and business stakeholders to assess privacy impact and determine regulatory, contractual, and notification obligations.
• Support HIPAA Privacy compliance obligations, as applicable, including incident response and regulatory alignment.
• Support consent management practices.
• Assist in the maintenance of the Document Retention Policy and related efforts.
• Assist with the development and execution of third-party risk management assessments.
• Maintain current knowledge of all applicable federal (including but not limited to HIPAA), state and international privacy laws applicable to our businesses.
• Assist the Privacy Officer and Data Governance Director as needed with any federal, state and international regulators in privacy reviews or investigations.
• Support the preparation and coordination of Data Governance Committee presentations.
• Other duties as assigned.

Benefits

• Medical
• Dental
• Vision
• Life Insurance
• 401k
• Paid Time Off