Overview
Work History
Education
Skills
Websites
Privacycertifications
Personal Information
Volunteer Experience
Projects
Timeline
Generic

STEVEN M. BLACK

Salt Lake City,Ut

Overview

13
13
years of professional experience

Work History

Privacy & Cybersecurity Counsel

DigiCert, Inc.
Lehi, UT
11.2022 - Current
  • Developing and maintaining subject-matter expertise in global privacy and information security laws
  • Advising business and spearheading global privacy initiatives under GDPR, FADP, PIPL, APPI, CCPA, POPIA, etc
  • Drafting customer data processing agreements, vendor data processing agreements, and security addenda
  • Negotiating data processing agreements and security provisions in commercial agreements w/fortune 500 companies
  • Drafted contract negotiation playbook and trained contracts team on the negotiability of key provisions under DPAs
  • Drafting memoranda summarizing the applicability, enforcement, and impact of global data protection laws
  • Engaging outside counsel in Hong Kong and UK and coordinating research on high-risk issues under PIPL and GDPR
  • Spearheading a complete overhaul of the global privacy notice and subsidiary privacy notices in multiple countries
  • Drafting privacy and information security policies and procedures, developing a policy inventory and review schedule
  • Advising global information security team on data security laws, incident response, and data classification policy
  • Supervising and training associate privacy counsel, reviewing/approving projects, conducting periodic reviews.

Privacy Attorney & Sr Compliance Officer

Progressive Leasing, LLC
Draper, UT
07.2017 - 10.2022
  • Developed and maintained subject-matter expertise in U.S
  • And global privacy and information security laws
  • Advised the business on and implemented controls under the CCPA/CPRA, VCDPA, CPA, UCPA, HIPAA, GLBA
  • Monitored and analyzed the evolving federal and state privacy and data security legislation, regulation, and case law
  • Drafted privacy policies and procedures and reviewed/approved information security policies and procedures
  • Coordinated and managed privacy risk assessments on third-party risk management controls, policies, and procedures
  • Analyzed third-party vendor agreements, data processing agreements, and NDAs as part of contract negotiations
  • Assisted and advised information security team on inquiries under ISO 27001, PCI-DSS, and SOC2 audits
  • Managed privacy and security incident response, worked with outside counsel, and notified customers of incidents.

Regulatory Compliance Attorney

Select Portfolio Servicing, a Credit Suisse Co.
Salt Lake City, UT
12.2014 - 06.2017
  • Supported legal and compliance directors in managing a $100 billion portfolio of mortgage-backed securities
  • Provided general regulatory guidance on RESPA, TILA, GLBA, FDCPA, FCRA, TCPA, UDAP and foreclosure
  • Conducted legal research and drafted memoranda advising on mortgage servicing and banking laws and regulations
  • Managed the 50 state survey on breach notification laws, analyzed security incidents, and drafted notifications
  • Advised business units on legal and regulatory changes and implemented corresponding changes to internal controls
  • Reported to executive and leadership committee on law changes impacting operations on a monthly basis
  • Drafted lien extensions, mortgage extension agreements, non-satisfaction affidavits, and other legal documents.

Compliance Analyst, Contingent Project

Goldman Sachs
Salt Lake City, UT
01.2014 - 05.2014
  • Developed and improved internal controls on personal brokerage accounts to mitigate the risk of insider trading
  • Streamlined communications with third party brokers to improve monitoring of employee brokerage accounts.

Legal Intern

Utah Technology Commercialization Office
Salt Lake City, UT
09.2012 - 05.2013
  • Assisted legal team in establishing intellectual property rights for clients seeking to commercialize inventions
  • Drafted project proposals to be sent to prospective private sponsors on new scientific and technology inventions.

Legal & Compliance Intern

Celtic Bank
Salt Lake City, UT
05.2012 - 12.2012
  • Assisted corporate counsel in conducting legal research, drafting memoranda, and analyzing relevant case law
  • Conducted an internal fair lending self-assessment probing mortgage loan data for disparate treatment and impact.

Judicial Intern, Honorable William W. Barrett

Utah Third District Court
Salt Lake City, UT
01.2012 - 05.2012
  • Assisted the judge in conducting legal research, drafting memoranda, analyzing case law, and researching criminal law.

Research Assistant, Privacy

Biolaw Project, University of Utah
Salt Lake City, UT
  • Conducted research on global health information privacy laws as part of a white paper to the United States Congress
  • Performed a comparative analysis of HIPAA, the EU Directive, and other international health data privacy laws
  • Conducted research on consumer expectations of privacy with respect to their ePHI.

Education

JD, MBA -

University of Utah, College of Law
Salt Lake City, UT
05.2013

BA, Political Science -

Brigham Young University
Provo, UT
04.2004

Skills

  • Legal Research & Writing
  • Regulatory Compliance
  • Contract Negotiation
  • Risk Analysis & Mitigation
  • Audit & Compliance Testing
  • Change Management

Websites

Privacycertifications

  • CIPP/US, 03/2018
  • CIPP/E, 10/2020
  • U.S. private sector privacy training
  • Comprehensive GDPR knowledge & training
  • Relevant professional experience

Personal Information

Hobbies: Mountain biking, acoustic guitar, amateur astronomy, backpacking, cooking, aerial photography

Volunteer Experience

  • Utah State Bar, Salt Lake City, UT, Cyberlaw Section Representative, 01/2019, Present, Committee member providing counsel and guidance to Utah legislators on anticipated legislative action in 2019, Participated on privacy and cybersecurity panel as part of the iSymposium event at Adobe
  • Italy Padova Mission, LDS Church, Northern Italy, Volunteer Missionary, 02/1997, 02/1999, Studied Italian language on a daily basis and taught weekly English courses to local Italians

Projects

Goldman Sachs, Salt Lake City, UT, Compliance Analyst, Contingent Project, 01/2014, 05/2014, Developed and improved internal controls on personal brokerage accounts to mitigate the risk of insider trading, Streamlined communications with third party brokers to improve monitoring of employee brokerage accounts Utah Technology Commercialization Office, Salt Lake City, UT, Legal Intern, 09/2012, 05/2013, Assisted legal team in establishing intellectual property rights for clients seeking to commercialize inventions, Drafted project proposals to be sent to prospective private sponsors on new scientific and technology inventions Celtic Bank, Salt Lake City, UT, Legal & Compliance Intern, 05/2012, 12/2012, Assisted corporate counsel in conducting legal research, drafting memoranda, and analyzing relevant case law, Conducted an internal fair lending self-assessment probing mortgage loan data for disparate treatment and impact Utah Third District Court, Salt Lake City, UT, Judicial Intern, Honorable William W. Barrett, 01/2012, 05/2012, Assisted the judge in conducting legal research, drafting memoranda, analyzing case law, and researching criminal law

Timeline

Privacy & Cybersecurity Counsel

DigiCert, Inc.
11.2022 - Current

Privacy Attorney & Sr Compliance Officer

Progressive Leasing, LLC
07.2017 - 10.2022

Regulatory Compliance Attorney

Select Portfolio Servicing, a Credit Suisse Co.
12.2014 - 06.2017

Compliance Analyst, Contingent Project

Goldman Sachs
01.2014 - 05.2014

Legal Intern

Utah Technology Commercialization Office
09.2012 - 05.2013

Legal & Compliance Intern

Celtic Bank
05.2012 - 12.2012

Judicial Intern, Honorable William W. Barrett

Utah Third District Court
01.2012 - 05.2012

Research Assistant, Privacy

Biolaw Project, University of Utah

JD, MBA -

University of Utah, College of Law

BA, Political Science -

Brigham Young University

Similar Profiles

CREATE PROFILE
STEVEN M. BLACK