GDPR Policy Consultant

Morgan McKinley's client are a large, well-know Charity, based in London.

They are searching for a GDPR policy consultant (write & review) for their GDPR project.

The ideal candidate will be from a legal / compliance background and have written & reviewed policies before - ideally on a GDPR project.

The role is for a not-for-profit charity, so daily rates should be between GBP150 - GBP180 pd.

Job Title: GDPR Policy Consultant

Job Level Cluster: Day rate consultant

Group: GDPR Project

Location: Stockwell

Duration: 4 weeks

Rate: GBP150 - GBP180 PD

Purpose of Job:

The role of the policy writer is to update or write anew a number of the charities policies (as listed below) to ensure readiness for GDPR compliance ahead of the enforcement deadline of 25th May 2018.

Impact:

The role will lead in reviewing, updating and writing specific policies for data protection and compliance with GDPR requirements. They will work closely with the GDPR project manager and the data protection officer on data protection matters across the group and will help to prepare the charity to be compliant ahead of the enforcement deadline.

Decision Making Responsibility:

The post holder will not hold any decision making responsibilities, but will share expertise with the project manager and data protection officer as guidance.

Main Responsibilities:

1. To review selected existing policies and identify areas where changes are needed to make them GDPR compliant.
2. To write new policies where they are required to help the charity deliver GDPR compliance.
3. To provide general input on GDPR compliance discussions within the organisation such that the updated or new policies fit with other internal activities and work streams.
4. To maintain an accurate and up to date list of progress of the updated and new processes (to be shared and reviewed weekly).
5. To comply with existing internal employment data protection and general policies and procedures at all times.

Policy list:

• Data protection policy
• Marketing consent procedure for direct mail and telemarketing
• Privacy Shield policy
• Information classification (one page policy paper)
• Data storage removal policy & guidance
• Data incident management policy & guidance
• Data subject erasure policy (physical and electronic)
• Privacy impact assessment policy
• Data portability policy

Please note all criteria are essential unless otherwise stated

1. Specialist Knowledge, Skills and Experience

1. In depth knowledge of the General Data Protection Regulation requirements and associated legislation and demonstrable experience of applying this in policy and process writing
2. The ability to review existing data protection related policies, identify areas where their current state is not compliant with GDPR requirements, and update them to a compliant state.
3. The ability to write new data protection related policies such that they are compliant with GDPR requirements.
4. Excellent attention to detail with proven ability to analyse data and information.
5. The ability to provide input to wider GDPR project related activities in a way that can be readily understood by colleagues with limited knowledge of GDPR and its requirements.
6. Knowledge of PECR requirements and 1998 Data Protection Act requirements and the associated general practices.
7. Experience of managing time effectively, including working to tight deadlines, prioritising workload and to keep calm under pressure.
8. High degree of IT literacy with experience of using Microsoft Office (Word, Excel, Outlook, PowerPoint) and SharePoint.
9. The ability to work across multiple tasks and work streams simultaneously and maintain accurate records of progress.
10. To be able to work flexibly within a fast paced team environment.
11. Ability to quickly build a rapport and establish professional relationships with colleagues
12. To be confident in sharing knowledge and expertise around data protection and GDPR.
13. To communicate clearly, concisely, assertively and appropriately across all levels, both verbally and in writing, adapting style to suit the audience.
14. To understand and demonstrate commitment to the organisations Equal Opportunities Policy and to ensure all activities are consistent with the Equal Opportunities Policy. This includes all staff interaction and activities and any interface with partners, local groups, other organisations or other individuals.

If you are happy to consider being paid to work professionaly, and help this charity reach GDPR compliance over the next 4 weeks, please respond to this advertisement.

Morgan McKinley is acting as an Employment Agency in relation to this vacancy.

Please note that any references to salary or pay rates in this advertisement and in the salary refinement section are indicative only and should only be used as a guide.