- Play a key role in fostering a data protection culture within the organisation and helping implement essential elements of the GDPR such as the principles of data processing, data subjects' rights, data protection by design and default, records of processing activities, security of processing and notification and communication of data breaches.
- Maintain excellent working relationships with business teams, encouraging a positive culture of compliance and ethical behaviour.
- Carry out the responsibilities of the DPO as laid out in Article 39 of the GDPR.
- To cooperate with and liaise with the ICO where necessary.
- To be the first point of contact for the ICO and for individuals whose data is processed.
- Identify and co-ordinate actions necessary to ensure that the Group meets the requirements of data protection legislation.
- Ensure the Group meets all requirements of PCI DSS, including liaising with the external QSA.
- Keep abreast of new or upcoming changes to data protection regulations and assess their impact on the Group, engaging with business areas as required.
- Monitor compliance with data protection regulatory requirements as well as Group's data protection policies.
- Conduct internal reviews and assessments to provide assurance to senior management that the Group is complying with current data protection laws.
- Develop and maintain a Group-wide Data Protection Compliance Plan that facilitates the monitoring of relevant systems and controls.
- Follow up on the implementation of agreed corrective action plans with management on a timely basis.
- Advise on and monitor the completion of Data Privacy Impact Assessments.
- Support the business in identifying data protection and privacy risks by reviewing and advising on Data Privacy Impact Assessments as required.
- Embed compliance with current data protection laws.
- Inform, advise and issue recommendations to management where necessary.
- Manage internal data protection activities.
- Manage the update of all Data Protection Policies, manuals, checklists, templates as needed.
- Maintain a central register of the organisation's Records of Processing Activities (ROPA).
- Oversee compliance and analyse the business ROPA, challenging where needed and highlighting risks and concerns as appropriate.
- Liaise with the IT Security Manager to ensure that all data loss controls and systems operate effectively.
- Provide training and awareness on data protection issues.
- Ensure the business are suitably informed and trained in relevant areas of data protection to enable them to carry out their jobs effectively.
- Hold and maintain professional qualities and expert knowledge of data protection law and practices to fulfil the tasks required of the role.
- Work with the Risk and Compliance teams on any identified incidents or concerns that are highlighted in your role.
You should have been the nominated DPO before and be used to dealing with the ICO.
The role is fully home-based during COVID restrictions, after which there may be fortnightly or monthly meetings at the Head Office in the South East, with full travelling time allowed in that case; the employer is therefore open to applicants from Northern or Southern England.
Please send your details (including a contact number) to David Crook at email@example.com. Please note that due to COVID-19 we cannot reply to all applications, so only successful applications will be contacted (although under no circumstances are your details ever passed on without your specific permission).
Compliance Recruitment Solutions Limited (CRS) are acting as an employment agency in relation to this role.
The recruiter has stated that all applicants for this job should be able to prove that they are legally entitled to work in the UK. Through application, all candidates signify their acceptance of the above information and confirm that the information they provide is true and accurate to the best of their knowledge.