Data Protection Manager at Exim Bank
Job Description
To ensure the bank’s adherence to the Personal Data Protection Act and
Regulations. The incumbent will be responsible for implementing a
privacy governance framework, conducting privacy impact assessments,
coordinating and conducting data privacy audits, reporting violations,
advising on rectification measures, handling data subject inquiries and
complaints, and providing support in all matters related to personal
data protection/privacy.
Roles & Responsibilities
Data Protection
Implementing measures and a privacy governance framework to manage data
use in compliance with the Personal Data Protection Act, including
developing templates for data collection, and assisting with data
mapping.
Working with key internal stakeholders in the review of projects,
products, services, processes, and related data to ensure compliance
with the Personal Data Protection Act, and where necessary, complete and
advise on privacy impact assessments.
Reviewing vendor contracts and consents needed to implement projects in
partnership with the bank’s Procurement and Information Security
functions.
Participating in the Personal Data Protection Committee.
Managing and conducting ongoing reviews of the bank’s privacy governance framework.
Monitor and ensure the bank’s compliance with the Personal Data Protection Act and Regulations.
Oversee data processors that process personal data on behalf of the
bank, ensuring they also adhere to data protection requirements.
Review and assess the bank’s data processing activities to ensure alignment with regulatory standards.
Train staff across the business on matters related to data protection.
Provide professional advice and guide internal teams on data protection best practices.
Prepare Data Protection Impact Assessment (DPIA) report.
Coordinating and conducting data privacy audits.
Collaborating with the Information Security function to maintain records
of all data assets and exports and maintaining a data security incident
management plan to ensure timely remediation of incidents including
impact assessments, security breach response, complaints, claims or
notifications, and responding to subject access requests.
Reporting and Advisory
Prepare and submit quarterly reports on compliance with the Act to the Data Protection Commission.
Prepare and submit reports detailing the bank’s compliance with the Personal Data Protection Act to Management.
Identify and report violations of the Personal Data Protection Act or Regulations within the bank’s data processing activities.
Advise on corrective measures and strategies to rectify personal data protection/privacy non-compliance.
Collaborate with legal and compliance teams to resolve personal data protection/privacy issues efficiently.
Data Subject Handling
Address applications, inquiries, or complaints submitted by data
subjects (e.g., employees, customers, students, suppliers, partners,
shareholders) related to the collection or processing of their personal
data.
Coordinate with internal teams to investigate and respond to data
subject requests promptly and in accordance with regulatory
requirements.
Maintain records of data subject interactions and resolutions.
Skills and Qualifications
University degree in Law, Information Security, Computer Science, Risk Management, or related fields.
Strong understanding of personal data protection/privacy laws and regulations,