Overview

Job Title: Data Protection Manager

Job Experience: 3 – 5 years.

Exim Bank

 

Job Summary:

To verify that the bank is following the Regulations and the Personal Data Protection Act. The incumbent will be in charge of putting in place a framework for privacy governance, carrying out privacy impact assessments, organizing and carrying out data privacy audits, reporting infractions, offering advice on corrective actions, responding to inquiries and complaints from data subjects, and offering assistance with any issues pertaining to the protection and privacy of personal information.

Positions and Accountabilities:

Data Security:

  • Putting policies and a privacy governance framework in place to control how data is used in accordance with the Personal Data Protection Act; this includes creating data gathering templates and helping with data mapping.
  • Reviewing projects, goods, services, procedures, and associated data in collaboration with important internal stakeholders to make sure they abide by the Personal Data Protection Act.
  • Completing and providing advice on privacy impact studies when needed.
  • Examining the consents and contracts with vendors required to carry out initiatives in collaboration with the bank’s information security and procurement departments.
  • Taking part in the Committee on Personal Data Protection.
  • Overseeing and carrying out regular evaluations of the bank’s privacy governance system.
  • Monitor and ensure the bank's compliance with the regulations and the Personal Data Protection Act.
  • Monitor data processors who handle personal information for the bank and make sure they follow data protection regulations.
  • Examine and evaluate the bank’s data processing practices to make sure they comply with legal requirements.
  • Educate employees within the company about data protection issues.
  • Assist internal teams with data protection best practices and offer expert advice.
  • Write a report on the Data Protection Impact Assessment (DPIA).
  • Arranging for and carrying out audits of data privacy.
  • Maintaining a data security incident management plan and working in tandem with the information security function to keep track of all data exports and assets. This will guarantee prompt incident remediation, including impact assessments, security breach response, complaints, claims, or notifications, and subject access requests.

 

Reporting and Suggestions:

  • Create and submit quarterly reports to the Data Protection Commission on compliance with the Act.
  • Create and send management reports outlining the bank’s adherence to the Personal Data Protection Act.
  • Identify and report any infractions of the Regulations or the Personal Data Protection Act that occur during the bank’s data processing operations.
  • Provide guidance on methods and corrective actions to address non-compliance with privacy and personal data protection laws.
  • Work together with the legal and compliance teams to effectively address concerns about privacy and the protection of personal data.

Handling of Data Subjects:

  • Respond to applications, questions, and grievances regarding the gathering or use of personal data that data subjects (such as workers, clients, students, suppliers, partners, and shareholders) have submitted.
  • Collaborate with internal departments to look into and swiftly address requests from data subjects in compliance with legal standards.
  • Keep track of all contacts and resolutions involving data subjects.

Competencies and Background:

  • A bachelor’s degree in computer science, law, information security, risk management, or a similar discipline.
  • Strong familiarity with privacy and personal data protection laws and regulations.