Job purpose
The selected candidate will have a responsibility to establish and maintain the University's Data governance framework and ensure the personal data of employees, customers, service providers or any other individuals.
Key Responsibilities/Tasks/Duties:
Leadership and Stakeholder Management
To seek, develop and maintain relationships with the Office of the Data Protection Commissioner, relevant regulators and other key stakeholders.
To assist and guide staff & Management in responding to enquiries or requests from regulators (ODPC), data subjects and other stakeholders as appropriate.
To organize and participate in the training and awareness programs for staff on the relevant Data Protection & Privacy requirements and obligations.
To promote a culture of Data Protection & Privacy by design and by default in the university.
Oversight Compliance with All Data Protection & Privacy And Related Requirements
Act as the public facing function representing the interests of Data subjects as well as supervise and advice the university on the response to such request.
To develop and maintain a mapping of data processing points in all the university's operating /functional areas.
To ensure Data Protection and Privacy policy availability by publishing on the intranet for employees and independent contractors to access and providing it to all contracted third parties (processors) who process personal information on the university's behalf or in terms of a contractual agreements with the university.
To manage third party data protection risks.
To monitor and ensure compliance with the Data protection laws and policies that the university is subject to.
To research and keep abreast of any changes to relevant laws and regulations and prepare regular updates to Management, the University Council, University Senate and the Board of Trustees.
Reporting (20%)
To prepare regular update reports on the data protection compliance program to the Director- Legal Services and the Management Board and/or those of relevant stakeholders.
Support the Director - Legal Services in preparation of update reports on the Data Protection Privacy compliance program.
Supporting data incident response and data breach notification procedures.
Providing updates on matters related to compliance with statutory and regulatory requirements.
To facilitate the provision of ad-hoc reports and or information to the regulators as and when required.
Key Relationships
Key Internal Stakeholders
University Council Executive Committee & Audit & Risk Committee;
Management Board;
Legal;
Chief Manager, Risk ;
ICT, HR, Finance, Admissions & University Registrar;
Heads of Department.
Knowledge: Skills and Experience Required for the Role
Minimum Five Years' Experience within Legal function with specific focus on Data Protection & Privacy.
Sound Working Knowledge of The Data Protection Act,2019 and Other Relevant and Applicable laws, regulations.
Minimum of Bachelor's Degree in law.
Experience in developing Policies and compliance.
Experience in reviewing contracts with third parties.
Good understanding of data processing operations, including information systems data protection needs of an institution.
Experience in managing data incidents and breaches.
Professional Data Protection and/or Privacy certification is a pre- requisite.
Competencies required for this role
Ability to work unsupervised, exercise leadership, and influence change.
Excellent writing and presentation skills.
Strong change and project management skills, including the ability to manage time well, prioritize effectively, and handle multiple deadlines.
Demonstrated ability to undertake large, long term projects, develop alternative methods to complete them.
Detail-Oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.
Ability to handle confidential and sensitive information with the appropriate discretion and ethics.
Leadership & Executive Disposition - Ability to lead a team and engage at Management and Board level.
Ability to prepare and facilitate training as a subject matter expert (SME).
Planning and organizational skills.
Learning and researching.