Data Protection Officer – London – £55K – £65K + Package
The Data Protection Officer will form part of a newly expanded Security Team. The team has 5 key functions – Information Security, Architecture, Information Governance, Data Protection and Records Management. Joining this professional and future-focused team, you will be the Data Protection Officer for the organisation. The Data Protection Officer is responsible for monitoring and promoting compliance with, and acting as the primary source of expert advice & guidance about, GDPR and Data Protection law.
Role of the Data Protection Officer
• To be the Data Protection Officer as defined by GDPR Article 39.
• To monitor compliance with the GDPR and other data protection laws, and with reference to data protection policies.
• To provide routine reports to the Executive/Board via the SIRO/CTO on the organisational compliance position.
• To advise on, and monitor the processes for, data protection impact assessments.
• To be the first point of contact within the organisation:
– For the ICO about data protection matters, including providing any evidence of compliance requested, and in relation to breach management.
– For individuals whose data is processed (grant applicants, staff, meeting/conference delegates etc.)
– For all data protection matters including incidents and breach management.
• To maintain expert knowledge of data protection law.
• To ensure that data protection is addressed by default and in the design of any new system and information process.
• To ensure the organisation maintains its record of processing operations, and to:
– Oversee the collection of information to identify processing activities
– Analyse and check the compliance of processing activities
– Inform, advise and make recommendations to process owners.
– Ensure DPIAs have been correctly carried out
• To develop or advise on the development of policies, procedures and other measures to ensure compliance including but not limited to:
– Records of processing activities
– Data protection by design
– Data Subject Access compliance
– Fair Processing
• To monitor and report on levels of compliance with GDPR and other applicable law and with the processing of personal data.
• To carry out or facilitate regular privacy audits.
• To respond to, investigate and resolve data protection and privacy related inquiries and complaints from data subjects, including but not limited to members of the public, staff and the ICO, and to be the primary source of knowledge about best practice for compliance.
Requirements of the Data Protection Officer
- Good communication skills and the ability to translate IT/technical/legal requirements into easily understood language
- Excellent communication, interpersonal and presentation skills including experience of presenting contentious or complex information to large audiences, and effective reporting at senior management level (both written & verbal), including the ability to gain credibility and confidence of senior management
- Proven organizational skills, strategic planning and management skills essential, prioritizing activities that create greatest value; managing time, cost and resources effectively
- Excellent negotiating and diplomacy skills and ability to remain objective when dealing with issues
- Ability to operate independently and without instruction over the way they carry out their tasks and be able to balance the rights of the individual against the objectives of the organisation, taking the commercial view.
- Excellent written documentation skills.