Job Description

KEY RESPONSIBILITIES AND DUTIES

• Implementing, executing, and ensuring compliance as per defined Privacy Policies and Procedures across respective regions, business functions, entities, and business segments.

• Manage DPO (Data Protection Office) team with expertise and operational activities to ensure sustenance of data privacy framework.

• Periodically reviewing and, where necessary, updating the procedures set forth as part of the organization privacy program including managing ROPA (Record of Processing Activities) documents, conducting GAP assessment, DPIA (Data Protection Impact Assessment).

• Coordinating with cross-functional leadership, including legal team, HR team, IT team etc., to establish privacy risk strategies, as well as identifying program intersections, dependencies, and enhancements.

• Conducting department wise gap assessment and documenting potential exposure to privacy risks against the privacy framework at organization level.

• In conjunction with the legal function, communicating with employees about significant legal and regulatory developments and trends related to privacy.

• Coordinating ongoing awareness, training, and guidance on Privacy Governance Framework and privacy laws and regulations, for organization personnel and associated privacy stakeholders.

• Maintaining awareness of industry trends, legal and regulatory changes, and current enforcement activities.

• Coordinating and assisting with periodic DPIA (Data Protection Impact Assessment) reviews to ensure compliance with the organization privacy program, any supplementing policies/procedures supplementing, and applicable laws and regulation

• Coordinating the review, investigation, evaluation, and reporting of privacy law and/or framework violations within organization.

• Versioning of all privacy policies on frequent basis and their End-to-End implementation

• Regular internal audits, gap identification and fixing them

• Creating awareness & educating internal employees on the data privacy and its importance

• Create and maintain Privacy Learning content on Internal LMS (Learning Management System)

• Maintain Privacy Policy according to applicable regulations and laws in place

• Performing data privacy related checks as part of vendor risk assessment

• Ensure to have data protection clauses in place with contracts

• Maintain data privacy training plan and train the employees

• Prepare notices for collecting PII/ SPI (Personally Identifiable Information/Sensitive Personal Information) as required for new initiatives

• Prepare consent templates for collecting PII/ SPI as required for new initiatives

• Maintain RACI (Responsible, Accountable, Consulted, Informed) to make aware of employees of their roles and responsibilities

• Maintain data classification and handling guidelines

• Maintain data retention standard

• Maintain Privacy Risk Register

• Maintain data breach management procedure

• Maintain NCCA (Non Confirmity and corrective action tracker) tracker

• Maintain consent management procedure

• Maintain cookie management procedure

Deadline: 10th November 2022

WORK CONDITION AND ENVIRONMENT

• Requires travel within the country.

• Requires visiting operations in field, including government offices and schools in rural districts

• COVID-19 protocols as defined by GoI would be followed and travel will be planned accordingly.

Application Form- https://forms.office.com/r/n1Xzk8JJS9

“Piramal Foundation is an equal opportunities organization and promotes gender diversity at the workplace. Women candidates are encouraged to apply”

Eligibility Criteria

QUALIFICATIONS AND EXPERIENCE

• Bachelor’s degree in law, finance, business management, or a related field

• Min 3 years’ proven experience in handling Data Privacy in reputed organization

• Good knowledge of legal requirements and procedures (pls define/give examples of legal requirements)

• A CIPM/CIPT/CIPP and formal education in Privacy and Compliance are a plus.

SKILLS AND KNOWLEDGE

• Expertise in data protection laws and practices including an in-depth understanding of the GDPR(General Data Protection Regulation)

• Understanding of Indian Data Privacy and Protection framework

• Experience within a legal, audit and/or risk function department

• Proficient in Microsoft Office Suite or related writing and presentation software

• Strong project management skills

• Ability to work well under pressure and manage sensitive and confidential information

• Excellent verbal and written communication skills, with strong attention to detail

• Great interpersonal skills and ability to work well both independently and as part of a team

Desired Candidate Profile

Graduation - Graduate-Other

Organization Details

• Organization Name:Piramal Foundation for Education Leadership (PFEL)/Kaivalya Education Foundation (KEF)
• About Organization:At Kaivalya Education Foundation, founded in 2008, we employ a bottom-up approach to solving the intertwined problems in the public education system at scale. Through ongoing ground support driving innovation on the field, we develop geography-specific, tech-based solutions to improve leadership and processes. The foundation thus established works to re-shape education delivery for the future such that every child, regardless of background, can avail of the life chances she deserves.
  
  Know more