Privacy Program Manager For Risk Management
CurrentI deployed processes that aid in the development, implementation and maintenance of, and adherence to, the policies and procedures related to data management, information privacy and security. I revamped and deployed the FDIC’s Privacy Continuous Monitoring (PCM) Program. This program reframed the way FDIC approaches privacy, drove changes in how we assessed systems to determine and manage risk, and lead to a change in the culture of the Privacy Program. I serve as a member of the Federal Privacy Council Executive Committee, co-chairing the Agency Implementation Committee (AIC). As the AIC co-chair, I provide a monthly briefing for the government privacy community, sharing information on new requirements or data collections, providing training for privacy professionals across the federal government, and collecting information from the privacy community to share with OMB to identify areas where additional training, briefings, or other guidance may be needed. I also serve as the co-chair for the Financial Regulator Community of Practice (COP). As the COP co-chair, I host monthly meetings with representatives from other financial regulators to discuss privacy risk management activities, challenges unique to smaller agencies or financial regulators, and to share best practices.I participate in Breach Response Table Top Exercises and Incident Response Table Top Exercises and support the Breach Response Risk of Harm Assessments for privacy breaches. I supported the efforts to update privacy contract clauses for future inclusion in FDIC contracts, and reviewed existing contracts for appropriate language. I served as the chair of the Technical Evaluation Panel for the multi-year OCISO contract award, supported the effort to update privacy contract clauses for future inclusion in FDIC contracts, reviewed existing contracts for appropriate language and to determine which contracts require authorization, and serve as technical monitor for the privacy support contract.