Enterprise focused: ? Lead and collaborate in the formulation of policies related to the collection and processing of personally identifiable information, based on the Privacy & Data Protection Laws of the countries in which the company operates or would like to expand its operations. ? Implement and monitor the data privacy policies and associated processes across functions and business units. ? Proactively partner with functional groups (HR, CAG, CCD, Facilities,?) to ensure that the adoption of new technologies, processes, services and solutions are compliant with the applicable data privacy regulations ? Assess the development & enhancements of internal processes & systems and recommend privacy-related controls. ? Conduct employee awareness on lawful handling of personally identifiable information, as part of their work. ? Identify risks and also plan and implement the risk mitigation plans ? Lead the data breach handling process for effective address of privacy-related gaps (if any) reported, in the current process & systems. ? Manage the process related to personal data access requests from individuals. ? Assess subcontracting/outsourcing of any processing of personally identifiable information and recommend privacy-related controls (including the inclusion of appropriate clauses in the vendor contract. ? Liaison with external Privacy and Data Protection Counsel for expert views and audits. ? Identify and implement internal initiatives on Data Privacy. Client focused: ? Partner with the product development team in the development of new products (including cloud-based) and recommend privacy-related features/controls, in summary, Privacy by Design. ? Review and respond to privacy-related sections in the RFI/RFQ/MSA from clients and collaborate in the feasibility study of privacy-related requirements/clauses of the prospect, in the pre-contract sign-off stage. ? Advise the delivery teams regarding the implementation of the privacy-related requirements. ? Conduct employee awareness on lawful handling of personally identifiable information, as part of their work. ? Assess subcontracting/outsourcing of any processing of personally identifiable information and recommend privacy-related controls (including the inclusion of appropriate clauses in the vendor contract. ? Conduct internal audits. ? Lead the data breach handling process for the effective address of privacy-related gaps if any, in the current process & systems.
null
null
Data Privacy->Data Privacy (General Data Protection Regulation/ Certified Information Privacy Technologist/ DSCI Certified Privacy Lead Assessor/ GDPR/ CIPT/ CIPP/ DCPLA)