Data Protection Specialist (Hybrid)

Job DescriptionJames Stevens Associates are delighted to be working with a Charitable organisation based in High Wycombe that are now looking to recruit a Data Protection Specialist.£50,1902 days in office / 2 from homeBenefits include: 26 days holiday per year plus bank holidays, birthday bonus day, volunteering day, health cashback plan, EAP12 month Fixed Term ContractFrom June the organisation are running a (12 month) pilot of a 35 hour week, meaning Fridays WFH will be 9.00-1.00pmThe charity are recruiting an Interim Data Protection Specialist to review all of their data governance compliance and ensure the appropriate policies, procedures and processes are in place to meet the needs of the business and ensure we protect our customers data.This role will work as part of our Governance team, where our focus is about not only ensuring compliance with relevant legislation and regulation, but mitigating risk and providing assurance to the Board on the security of our systems.Data Protection Specialist - What they need you to do:The role will have 4 key objectives:Working across the business to update legally required records;Produce policies and procedures to ensure these are embedded;Devise bite-size video arts training content; andIdentify where software solutions are available to manage requirements efficiently and effectively.Data Protection Specialist - What you will be responsible for:Supportingthe Senior Leadership Team(SLT)in Data Mapping exercise – priority from Data Governance Steering Group – devise process / training module to ensure remains updated;Data Protection Impact Assessment and devising process / training to ensure this is embedded;Devise data governance policies and procedures required to maintain and monitor compliance withthe UK GDPR (eg Data Protection Policy, Data Subject rights Procedure, Data breach procedure, Data Sharing procedure); collect information to identify processing activitiesAdvises on breaches and queries, producing file notes for future referenceReview data privacy notices for candidates and volunteers;Establish record keeping process and identify gaps from previous data protection reviews;Ensure Group identifies legal basis for process data across the business;Review data collection across the business to ensure collection points contain applicable data privacy notices;Ensure we are meeting data minimisation requirements in customer data collection;Work across the business with Data Governance Steering Group to address data retention issues, ensuring erasure processes are in place and documented;Work with Internal Audit Senior Specialist to develop periodic checks to test verifying records held are process / stored / erased as required;Review where data sharing agreements are in place, if they are up to date and devise training module to assist business to identify where needed and advise on new agreements during the period they are in place;Conduct an audit with Internal Audit Senior Specialist against ICO’s Accountability framework;Training modules on data breaches – how to recognise and what to do and training in privacy considerations in new business development;Help identify a Data Subject Access Request software solution; andCarry out Data Subject Access Requests.Data Protection Specialist - Your experience:Graduate calibreExperience of implementing GDPR compliance within an organisationThelegal and regulatory requirements of GDPR governance – compliance and monitoring experience of translating good practice into an organisation’s environmentExcellent verbal, presentation and written communication skillsBuilding effective and productive working relationships with staff, senior managers and executive teams and customers
#J-18808-Ljbffr