Privacy Manager

1 Position Details

Name of staff member

Privacy Manager

Proposed position and grade

C2

Business Unit

Quality and Risk Management

Managing any People

Yes (1 Privacy Specialists)

2 reports to

Chief Information security officer

3 Overall Purpose Of The Role

The Privacy Manager is responsible for managing the daily operations of Privacy Team.

The Privacy Manager will be responsible for the management of privacy aspects of client and supplier agreements and requests for proposals, conducting privacy impact assessments, managing privacy breach investigations, privacy policy and procedure reviews and other privacy related tasks.

The Privacy Manager will also be responsible for providing guidance on privacy related matters to firms located in the rest of Southern Africa namely Botswana, Mauritius, Mozambique, Namibia, Zambia, and Zimbabwe.

4 Position Specifications

4.1 Educational (minimum level necessary to perform the job)

4.1.1 Professional/Tertiary

• Professional
• LLB Degree
• Professional Privacy certification (preferred)
  
  

Requirements

4.2 Other requirements

4.3 Experience (minimum necessary before being considered for the job)

Desired Qualification And Experience

• 5 years’ experience as Legal professional
• 2 years’ management experience
• 3 years’ privacy related experience
  
  

5 Core Competencies (Attributes)

• Attention to detail and ability to adapt to changing environments
• Ability to analyse and interpret information
• Able to work independently and as part of a team
• Ability to organize, manage and prioritise multiple tasks and work under pressure
• Ability to lead, manage and prioritise workload of team members
• Ability to coping with high stress environments
  
  

6 List of Key Performance Areas & Key Performance Indicators

Main Responsibilities

List the tasks underpinning the responsibility

Develop, implement, and manage policy, processes, and procedures

• Develop, implement, manage, and continuously improve privacy policies, processes, procedures, and protocols.
• Ensure communication of policy, processes, procedures, and protocols updates to staff.
  
  

Privacy Breach Investigation

• Management of the firms privacy breach investigation process.
• Ensure that investigations are complete promptly and according the applicable legal and regulatory requirements.
• Provide status reporting to management
  
  

Review of Privacy related clauses of client, supplier, RFP, NDA, etc.

• Conduct privacy review of client, supplier, NDA, etc. agreement ensuring adequate for the personal information under the firms control.
• Review and update privacy related aspect of agreement template.
• Ensure stakeholder communication
  
  

Conducting Privacy Impact Assessments

• Conduct Privacy Impact Assessments on new technology and business processes.
• Ensure that all Privacy Impact Assessment registers are maintained and accurate.
• Ensure stakeholder communication
  
  

Stakeholder Management

• Ensure appropriate escalation to the Africa CISO of priority issues.
• Ensure appropriate communication with internal and external stakeholder.
  
  

Privacy Awareness

• Development and distribution of privacy awareness material
  
  

Privacy Subject Matter Guidance

• Provide expert Privacy guidance to business units.
  
  

Management Compliance Activities

• Continuously monitoring of Privacy related notification from applicable regulators to develop implementation actions to ensure compliance.
• Assist with Privacy Audit activities and development and implementation of remediation activities