This is a full-time role for a
Data Privacy Officer at Healthway Philippines in Makati. The
Data Privacy Officer will be responsible for ensuring compliance with data privacy regulations, developing and implementing privacy policies, and managing regulatory compliance related to data privacy. The role will involve daily monitoring of data privacy practices and assisting in the development of privacy strategies. This role requires an on-site presence in Makati.
Develop and Implement Data Protection Policies: Create and maintain data protection policies, procedures, and guidelines that align with current and upcoming data protection regulations (e.g., GDPR, CCPA).
- Monitor Compliance: Regularly assess the organization's data processing activities and data flows to ensure compliance with privacy laws and regulations.
Privacy Impact Assessments (PIAs):
Conduct PIAs for new projects, systems, or processes involving the processing of personal data to assess privacy risks and recommend mitigation measures.Data Subject Rights:
Manage data subject rights processes, including handling data subject access requests (DSARs), requests for data deletion, and other data subject rights under applicable laws.Data Breach Management: Develop and oversee procedures for managing data breaches, including notification requirements to regulatory authorities and affected individuals.
- Training and Awareness: Provide guidance and training to staff involved in data processing activities to ensure they understand their responsibilities and comply with data protection requirements.
Vendor Management:
Evaluate data processing agreements with third-party vendors and partners to ensure compliance with data protection standards.Privacy by Design and Default:
Promote privacy by design and default principles across the organization, ensuring that privacy considerations are embedded into projects and business processes from the outset.Regulatory Liaison: Serve as the point of contact for regulatory authorities on data protection matters, and ensure timely reporting and responses to regulatory inquiries.
- Data Protection Impact Assessments (DPIAs): Conduct DPIAs where necessary, particularly in relation to high-risk data processing activities.
- Qualifications and Skills:
Bachelor's degree in law, information technology, computer science, or a related field (advanced degree preferred).
- Minimum of 3 years of experience in a data protection role, with a strong understanding of global data protection regulations and frameworks (e.g., GDPR, CCPA).
Professional certifications such as Certified Information Privacy Professional (CIPP) or equivalent are highly desirable.- Excellent communication skills, with the ability to convey complex legal and technical concepts clearly and effectively.
Strong analytical skills and attention to detail.
- Ability to work independently and collaboratively across departments.
Experience conducting privacy impact assessments, managing data breaches, and providing guidance on data protection matters.
Prior experience in regulatory compliance or legal advisory roles focused on data protection.- Familiarity with IT security frameworks (e.g., ISO 27001) and industry best practices for data protection.
Experience in developing and delivering data protection training programs for employees.
Job Types: Full-time, Permanent
Benefits:
Company events- Opportunities for promotion
Schedule: Day shift
Supplemental pay types:
* Performance bonus
