What are the responsibilities and job description for the Compliance Specialist III position at Simmons Bank?
It's fun to work in a company where people truly BELIEVE in what they're doing!
We're committed to bringing passion and customer focus to the business.
The Privacy Compliance Specialist will support the organization’s privacy program, ensuring compliance with applicable laws, industry standards, and internal policies. This role requires a strong understanding of privacy laws such as CCPA/CPRA, GLBA, HIPAA, and other relevant regulations. The ideal candidate has practical experience in data privacy, information governance, and regulatory compliance.
Essential Duties And Responsibilities
- Monitor and interpret changes in global, federal, and state privacy laws; advise internal stakeholders on regulatory impact.
- Draft, review, and maintain privacy-related policies, procedures, and standards across business units.
- Conduct privacy impact assessments (PIAs) and advise on data use in new projects, systems, and third-party engagements.
- Review contracts, data processing agreements (DPAs), and vendor relationships for privacy compliance.
- Provide regulatory guidance on the collection, use, storage, transfer, and disposal of personal data.
- Investigate, assess, and document privacy incidents and data breaches; assist with regulatory reporting as needed.
- Support training and awareness initiatives to promote a culture of privacy across the organization.
- Partner with IT, InfoSec, HR, Marketing, Product, and other teams to implement privacy by design and data minimization principles.
- Conduct internal audits and assessments of data privacy controls.
- Assist with responding to data subject access requests and customer or regulator inquiries.
- Develop and implement action plans to remediate privacy issues, secure stakeholder alignment, and manage issues through resolution.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Skills
- Strong working knowledge of privacy laws (e.g., CCPA/CPRA, GLBA, HIPAA).
- Strong contract review skills specific to data protection clauses.
- Excellent legal research, writing, and communication skills.
- Ability to communicate complex legal and compliance issues to non-legal stakeholders.
- Experience with data mapping, data governance, and privacy tools (e.g., OneTrust, TrustArc) is a plus.
- BS/BA degree (4-year) from an accredited university/college, or two to four years’ experience in an equivalent compliance position, preferred.
- Certified Information Privacy Professional (CIPP/US, CIPP/E)
- Certified Information Privacy Manager (CIPM)
- Other relevant certifications (e.g., CIPT, CISSP, CISA)
- MS Word, Excel, PowerPoint, and Outlook
- Must have good time management, communication, and organizational skills.