Data Privacy Officer - Midrand
Salary Negotiable
Midrand,
Gauteng
more than 14 days ago
The primary function of the DPO is to ensure compliance to the provisions of the Binding Corporate Rules Privacy (BCRP) and any other statutory (local and international) privacy requirements that applies to the company.
Key responsibilities of the DPO are:
1) To co-ordinate and align data privacy activities with the Group Privacy Office
2) To provide advice, training and information on privacy matters to the corporate business functions, customers and suppliers as required
3) To monitor compliance to national and international data protection regulations and to the BCRP
4) To monitor data protection arrangements when notified of projects on the automated processing of personal and company confidential data
5) To apply specialised knowledge in the area of data protection, such as when approached by data subjects / owners
6) To work with data controllers, who must provide the DPO with an overview containing specific information on the data processing planned by them before processing begins
7) To carry out what is referred to as 'prior checking' after receipt of the overview of data processing, if ‘automated processing’ might entail special risks for the rights and freedoms of those affected. This is particularly relevant in cases regarding the creation and use of personality profiles and the processing of ‘special categories of personal data’
8) To make part of the information contained in the overview of data processing mentioned above, available to persons in a suitable manner upon application
9) To advise areas within the company that collect, process and use data, in order to ensure that all the required protective measures have been considered and are implemented
10) To provide on-going reporting to management, data controllers and data subjects and other stakeholders as required
11) To work closely with the corporate information security specialists to ensure that data protection requirements are built into common security policies, standards and processes
12) To assist with client-related queries relating to data processing in conjunction with the client DPO representatives
13) To develop a data privacy strategy for the company and to establish the company specific data privacy organisation
14) To represent the company in the area of data privacy both internally and to the public
Operational responsibilities of the DPO are:
1) To identify and evaluate the legal data privacy requirements of the company and provide assessments as required
2) To support requests of Group Privacy concerning international operational projects related to internal and external customers, e.g. approval of contracts and offerings with relation to local data protection law
3) To assist national authorities in the exercise of their legal functions and to develop best practice guidelines on specific topics
4) To co-ordinate external communications on data privacy issues, acting as a single point of contact
5) To develop, review and comment on company policies and procedures, particularly guidelines, data privacy concepts and standard clauses and to evaluate the correlation to Group policies in order to avoid discrepancies
6) To take part in meetings to discuss and co-ordinate international data privacy subjects and their implementation locally
7) To monitor technical (e.g. applications) and non-technical (e.g. staff training, commitment on data secrecy) measures to be taken by the organisation to implement international standards
8) To support all projects of the company with privacy relevance and ensure participation and early involvement
9) To report on data privacy relevant matters on a regular basis
10) To immediately report privacy incidents to Group Privacy and to the company’s EXCO and/or Board as defined by Group Privacy
11) To train local staff and create privacy awareness
12) To attend the IPLM (International Privacy Leader Meeting)
13) To ensure the participation of the company’s employees in the bi-annual data privacy and information protection obligations
14) To co-ordinate external support given by consultants and law firms
Qualifications and experience required:
1. B Com LLB or equivalent
2. Information Security or IT experience would be ideal
3. 2-4 years legal working experience, with a focus on statutory compliance (preferably privacy related)
4. 2-4 years working experience on privacy related projects
5. 2-4 years IT or Business project management experience
If you have not received a response within 48 hours of submitting your resume, please consider your application as being unsuccessful.
Key responsibilities of the DPO are:
1) To co-ordinate and align data privacy activities with the Group Privacy Office
2) To provide advice, training and information on privacy matters to the corporate business functions, customers and suppliers as required
3) To monitor compliance to national and international data protection regulations and to the BCRP
4) To monitor data protection arrangements when notified of projects on the automated processing of personal and company confidential data
5) To apply specialised knowledge in the area of data protection, such as when approached by data subjects / owners
6) To work with data controllers, who must provide the DPO with an overview containing specific information on the data processing planned by them before processing begins
7) To carry out what is referred to as 'prior checking' after receipt of the overview of data processing, if ‘automated processing’ might entail special risks for the rights and freedoms of those affected. This is particularly relevant in cases regarding the creation and use of personality profiles and the processing of ‘special categories of personal data’
8) To make part of the information contained in the overview of data processing mentioned above, available to persons in a suitable manner upon application
9) To advise areas within the company that collect, process and use data, in order to ensure that all the required protective measures have been considered and are implemented
10) To provide on-going reporting to management, data controllers and data subjects and other stakeholders as required
11) To work closely with the corporate information security specialists to ensure that data protection requirements are built into common security policies, standards and processes
12) To assist with client-related queries relating to data processing in conjunction with the client DPO representatives
13) To develop a data privacy strategy for the company and to establish the company specific data privacy organisation
14) To represent the company in the area of data privacy both internally and to the public
Operational responsibilities of the DPO are:
1) To identify and evaluate the legal data privacy requirements of the company and provide assessments as required
2) To support requests of Group Privacy concerning international operational projects related to internal and external customers, e.g. approval of contracts and offerings with relation to local data protection law
3) To assist national authorities in the exercise of their legal functions and to develop best practice guidelines on specific topics
4) To co-ordinate external communications on data privacy issues, acting as a single point of contact
5) To develop, review and comment on company policies and procedures, particularly guidelines, data privacy concepts and standard clauses and to evaluate the correlation to Group policies in order to avoid discrepancies
6) To take part in meetings to discuss and co-ordinate international data privacy subjects and their implementation locally
7) To monitor technical (e.g. applications) and non-technical (e.g. staff training, commitment on data secrecy) measures to be taken by the organisation to implement international standards
8) To support all projects of the company with privacy relevance and ensure participation and early involvement
9) To report on data privacy relevant matters on a regular basis
10) To immediately report privacy incidents to Group Privacy and to the company’s EXCO and/or Board as defined by Group Privacy
11) To train local staff and create privacy awareness
12) To attend the IPLM (International Privacy Leader Meeting)
13) To ensure the participation of the company’s employees in the bi-annual data privacy and information protection obligations
14) To co-ordinate external support given by consultants and law firms
Qualifications and experience required:
1. B Com LLB or equivalent
2. Information Security or IT experience would be ideal
3. 2-4 years legal working experience, with a focus on statutory compliance (preferably privacy related)
4. 2-4 years working experience on privacy related projects
5. 2-4 years IT or Business project management experience
If you have not received a response within 48 hours of submitting your resume, please consider your application as being unsuccessful.
Recruiter: Umjikelo Recruitment Services