Deputy Data Protection Officer - London

Location: London, London
Salary: £55,000 - £65,000 per annum
Posted: 03 Feb 2018
Closes: 03 Mar 2018
Ref: 1484686
Contract Type: Permanent
Hours: Full Time

Deputy Data Protection Officer
Southampton & London - Flexible travel between both
£55000 - £65000 per annum

Due to the significantly increased workload on the road to GDPR compliance, my client (the Global Data Protection Officer of a FTSE 100 insurer) requires a deputy to support them in all areas of Data Protection & Privacy.

This is a 12-month Fixed Term Contract with plans to naturally develop into a permanent position with immediate career progression opportunities.

Key Responsibilities and Scope of role:

My client is seeking a Deputy Data Protection Officer with detailed knowledge of the General Data Protection Regulation (GDPR) to join their team. The Deputy Data Protection Officer will ensure that employees are fully aware of their obligations under GDPR, promote a strong and positive culture of data protection excellence, support the completion of Data Protection Impact Assessments (DPIAs), and process Subject Access Requests (SARs).

The post-holder will support the Group Data Protection Officer (GDPO) in making sure the business is compliant with all relevant data protection legislation, and will deputise for the GDPO as necessary.

Leadership

* Deliver the data protection strategy as defined by the Group Data Protection Officer (GDPO).
* Act as point of contact for enquiries relating to GDPR.
* Promote a strong and positive culture that values individuals' privacy.
* Undertake activities as defined by the GDPO to embed GDPR compliance into business-as-usual activities.
* Remain up to date on any GDPR or data protection related change that may affect the business.
* Manage any direct reports that are required to deliver the data protection strategy.
* Deputise for the GDPO as required, and support their role as contact point for regulators and data subjects.
* Support the GDPO to meet Board, Committee and other reporting requirements.

Compliance & Risk Management

* Process Subject Access Requests (SARs) on behalf of the GDPO in line with defined business processes and timescales set out by the Regulations.
* Co-ordinate the delivery of cross-Business Unit SARs, in line with the agreed group approach.
* Ensure Data Protection Impact Assessments (DPIAs), as defined by the Regulations, are completed as part of project management processes, third-party tender processes, and due diligence exercises on suppliers.
* Maintain comprehensive records that meet the accountability requirements of the Regulations, of all data processing activities being conducted and ensure these reflect any changes to business processes over the course of time.
* Implement and maintain a flexible and scalable breach management capability within central services to meet the GDPR requirements.
* Investigate significant data protection incidents across central services where necessary, ensuring the response meets regulatory expectations and standards and minimises the risk for individuals whose data may have been compromised. Make recommendations to the Group DPO for remedial actions that will resolve the incident and prevent future reoccurrences.
* Monitor compliance with the GDPR and other data protection legislation and regulations, and with the privacy policies and standards.
* Be aware of the risk frameworks, and the nature of processing operations involving personal data across the businesses.
* Work with other Data Guardians in each business to ensure a consistent approach to privacy risks and compliance.

Advice & Support

* Inform and advise staff on GDPR-related matters, including legislation and regulations as defined by the GDPO.
* Inform and advise employees of their obligations under GDPR and ensure customer centricity when handling data subjects' personal data.
* Deliver an ongoing programme of training across central services highlighting the importance of Data Protection and GDPR.
* Develop a deep understanding of products, processes and procedures that will support the GDPO in delivering group level compliance with the Regulations, driving forward the cultural shift that is a desired outcome of the GDPR implementation.
* Provide advice for and support the undertaking of Data Protection Impact Assessments.
* Maintain up to date knowledge of data protection legislation and regulation, industry standards and recognised best practice.
* Work as part of the group Data Guardian community to resolve centrally located matters, share best practice and develop learning methods.
* Build and maintain effective relationships with key stakeholders, including stakeholder buy-in of activity, findings, remediation and outputs. Proactively build a network of contacts and beneficial relationships.