DATA PROTECTION OFFICER

Applications are invited from suitably qualified persons to fill the position of Data protection Officer at the Tourism Enhancement Fund.

Salary Range: $7,165,549.00 to $9,636,867.00

OBJECTIVES/SUMMARY OF POSITION

The Data Protection Officer (DPO) is responsible for monitoring the Tourism Enhancement Fund’s data practices ensuring that all functions carried out by the Tourism Enhancement Fund are in accordance with the provisions of the Data Protection Act (2020). Under the general direction of the Executive Director, the DPO will be accountable for monitoring internal compliance and providing guidance to the Tourism Enhancement Fund on data protection obligations. Additionally, the DPO will serve as a primary point of contact for supervisory authorities, such as Office of the Information Commissioner, and individuals whose data is processed by the Tourism Enhancement Fund.

KEY RESPONSIBILITY AREAS

Administrative/Managerial:

• Provides strategic legal and regulatory guidance/advice to the Executive Director and Senior Management on matters under purview including privacy and data protection issues, laws and trends.
• Enforces policies and programmes ensuring consistency, equity and the adherence of the Data Protection Act.
• Keeps abreast of evolutions, trends, changes and best practices in data protection in keeping the Department’s operations and makes recommendations for their adoption where applicable/necessary.

Technical/Professional Responsibilities

• Design and implement a comprehensive Data Privacy Governance Framework and strategies to effectively manage the use of personal data in accordance with the provisions of the Data Protection Act.
• Establish and maintain appropriate systems and internal control mechanisms that align with the prescribed standards of the Data Protection Act.
• Ensure that the Tourism Enhancement Fund and its operational processes pertaining to data processing adhere to the established data protection standards and regulations.
• Implement strategies to enhance operational processes and ensure processes are in compliance with regulatory requirements.
• Design and implement Data Protection policies and procedures within the Tourism Enhancement Fund.
• Ensure that breaches of the data protection standards or violations of the provisions outlined in the Data Protection Act are addressed promptly.
• Review and update the Data Protection Plan regularly to ensure it aligns with any changes in laws, regulations, and policies.
• Ensure the timely collection of data, analysis, and reporting of data on key performance measures.
• Maintain a robust system to address and respond to queries and complaints.
• Ensure proper management and maintenance of personal data records, in compliance with data protection standards.
• Sensitize and train staff on the components of relevant Acts, Regulations and Policies related to data.
• Inform data controllers and data subjects about their rights, obligations, and responsibilities regarding data protection.
• Provide advice and recommendations to staff and the Executive Director regarding the interpretation and application of data protection rules.
• Assists data subjects in exercising their rights under the Data Protection Act.
• Collaborate with the Information and Communication Technology (ICT) Unit to ensure compliance with the Data Protection Act in the Tourism Enhancement Fund’s ICT system.
• Collaborate with the Information and Communication Technology (ICT) Unit to manage data security incidents and ensure timely resolution of issues such as security breaches, complaints, or subject access requests.
• Provide legislative advice and guidance to the Executive Director regarding any gaps identified from the outcome of the Data Protection and Privacy Impact Assessment.
• Liaises with the Office of the Information Commissioner to address data protection matters and clarify or resolve any doubts regarding the application of the act’s provisions.
• Ensure that any contravention of the data protection standards is reported to the Information Commissioner.
• Collaborate with the Research & Risk Management Department, Internal Audit Department, Legal Services Department, and other key stakeholders to monitor, implement and analyze compliance programmes.
• Prepare and submit routine and special reports, as required.
• Attend and participate in meetings, seminars, workshops, and conferences, as required.
• Performs any other related duties that may be assigned periodically.

Other Responsibilities

Performs other related functions assigned from time to time by the Executive Director and Board of Directors.

SPECIAL CONDITIONS ASSOCIATED WITH JOB / WORKING CONDITIONS

• Pressured working conditions with numerous critical deadlines.
• Will be required to work long hours, after work and on weekends and public holidays when the need arises.
• May be required to travel locally and overseas.

Required Qualification and Experience

• Bachelor’s Degree in Law, Computer Science, Audit or equivalent qualification from recognized tertiary institution.
• Experience or knowledge in data privacy legislation (in particular the Jamaica Data Protection Act, 2020).
• Experience or specialized training in records and information management systems.
• Certification in Information Security, Data Protection and/or Privacy Certification such as CIPP, CIPT, ISEB, etc. (preferred).
• Exposure to legal training.
• Minimum three (3) years related work experience. 

REQUIRED COMPETENCIES

Core

• Excellent critical reasoning, quantitative and qualitative analysis skills
• Strong environmental scanning, analysis, and interpretive skills
• Strong negotiating and persuasive presentation skills
• Leadership
• Planning and Organizing
• Problem Solving & Analysis
• Communication
• Initiative & Judgment
• Integrity/Ethics
• Interpersonal Skills
• Priority Management
• Teamwork

Technical

• Expert knowledge of the data protection law and practices
• Proficiency in the use of the relevant computer applications
• Knowledge of change management principles and practices
• Expert knowledge of auditing techniques and practices
• Good knowledge of risk management techniques and strategies
• Sound knowledge and understanding of GOJ policies and programmes and the machinery of government.
• Sound knowledge of applicable laws, policies, regulation and procedures

Applications accompanied by resume stating the position in the subject line should be submitted no later than May 28, 2024 to:

Manager, Human Resource & Administration

Tourism Enhancement Fund

60 Knutsford Boulevard

Kingston 5

We thank all applicants however, only shortlisted candidates will be contacted.