Monitor and assess alerts, cases, and reports for potential privacy incidents (e.g., unauthorized access, data exfiltration, misdirected communications). Perform initial triage to classify incidents involving Personal Data (PII/ PHI). Lead or support end-to-end investigation of privacy incidents. Analyze impacted data elements, systems, and individuals; determine root cause and scope of exposure. Document incident findings in accordance with legal and compliance requirements. Evaluate breach thresholds under regulations (HIPAA, GDPR, state breach laws). Coordinate with Legal on breach notification obligations. Support preparation of regulatory filings and communications to affected individuals. Participate in incident response war rooms and crisis management efforts. Ensure alignment between technical containment and privacy obligations. Maintain detailed incident records and case documentation. Track incident metrics (e.g., time to detect/respond, incident trends). Provide reporting to leadership, regulators, and audit teams. Enhance privacy incident response playbooks and workflows. Conduct tabletop exercises and training sessions. Contribute to privacy program maturity and continuous improvement initiatives. Participate in projects collaborating with stakeholders as needed. Monitor the Privacy Office inbox and provide timely guidance and responses to inquiries. Develop and deliver privacy training and awareness initiatives to promote a culture of data protection and compliance. Draft and review privacy policies and procedures to ensure alignment with applicable regulations and organizational standards.