The Chief Privacy Officer (CPO) of the North Carolina Department of Information Technology (NCDIT) will own and establish a vision for a statewide privacy program through leadership, development of clear objectives, policy development, and building relationships with stakeholders and business partners.
The CPO will build a strategic and comprehensive statewide privacy program tailored to the state of North Carolina that defines, develops, maintains and implements policies and processes that enable consistent and effective information privacy practices.
They will work closely with the Chief Risk Officer and the Enterprise Security and Risk Management Office (ESRMO) to ensure data privacy and security while leveraging the data assets to improve North Carolina and will work closely with executive leaders to consult and collaborate to control risks that impact privacy.
The CPO also will identify and recommend prioritization of privacy risk treatment for NCDIT and our extended partner organizations and advise how to maintain and improve adherence to requirements and policies.
The CPO is based in Raleigh, but a hybrid remote work arrangement is possible. This position is designated as Statutory Exempt and is exempt from the State Human Resources Act.
• Build and manage NCDIT’s privacy program, to develop privacy policies and privacy statements internally and with other agencies
• Describe privacy requirements for both NCDIT and the larger IT enterprise along with our vendor partners
• Facilitate data compliance by coordinating with NCDIT’s Privacy Attorney
• Conduct privacy risk and impact assessments, focused on specific business processes or applications
• Update and develop privacy training and awareness programs, and data breach response plans
Knowledge, Skills & Abilities
• Demonstrated experience evaluating privacy trends such as General Data Protection Regulation (GDPR) and state data protection laws, and strengthening privacy governance and accountability
• Considerable experience handling cybersecurity incidents and events involving data classified as high risk, such as electronic protected health information (ePHI), Health Insurance Portability and Accountability Act (HIPAA), Federal Tax Information (FTI), Criminal Justice Information (CJI), Personally Identifiable Information (PII), Family Educational Rights and Privacy Act (FERPA) and Payment Card Industry (PCI) data
• Experience implementing audit controls within an organization to monitor activity on electronic systems that contain or use data classified as restricted or highly restricted information
• Experience overseeing periodic monitoring and review of audit records and NIST security and privacy controls to ensure that activity is appropriate
• Strong legal knowledge necessary to participate in the development, implementation, and continuous monitoring of all business associates and business associate agreements, Memoranda of Understanding/Agreement (MOU/A) and Interconnection Security Agreements (ISA), to ensure privacy concerns, requirements, and responsibilities are addressed
Telecommuting is allowed.
Internal Number: 65018289
About NC Department of Information Technology
The N.C. Department of Information Technology is tasked with providing the state of North Carolina with the information technology tools and services it needs to provide its residents with the governmental services they need to live happy, healthy and prosperous lives.
The N.C. Department of Information Technology is a great place to work. We use a merit-based recruitment and selection plan to fill positions subject to the State Personnel Act with highly qualified individuals. Benefits of working for the department include:
*Flexible work schedules
*Generous leave policies
*Sound retirement system – one of the best in the country
*Stable industry sector
Our employees enjoy opportunities to continually explore new technologies and create systems and applications that support critical services to the state, including Health IT (HIT), law enforcement, and emergency management. As part of the Governor's Cabinet, we are actively involved in many of the governor's initiatives. We do this and more – all while providing meaningful, tangible public service. We offer a stable work/life balance; most positions require little or no travel and many are now remote or hybrid remote.
We also offer internships through the North Carolina State Government Internship Program.
If you enjoy working in a leading-edge environment and appreciate the importance of public service, come join us!