Data Protection Officer

responsible for monitoring the JNHT’s data practices, ensuring that all functions carried out by the JNHT are in accordance with the provisions of the Data Protection Act (2020). monitoring internal compliance and providing guidance to the JNHT on data protection obligations.

Job Summary

 Reporting to the Executive Director, the Data Protection Officer (DPO) is responsible for monitoring the JNHT’s data practices, ensuring that all functions carried out by the JNHT are in accordance with the provisions of the Data Protection Act (2020). Under the general direction of the Executive Director, the DPO will be accountable for monitoring internal compliance and providing guidance to the JNHT on data protection obligations. Additionally, the DPO will serve as a primary point of contact for supervisory authorities, such as the Office of the Information Commissioner, and individuals whose data is processed by the organization.

  KEY RESPONSIBILITES & COMPETENCIES

•  Design and implement a comprehensive Data Privacy Governance Framework and strategies to effectively manage the use of personal data in accordance with the provisions of the Data Protection Act.
• Establish and maintain appropriate systems and internal control mechanisms that align with the prescribed standards of the Data Protection Act.
• Ensure that the JNHT and its operational processes pertaining to data processing adhere to the established data protection standards and regulations.
• Implement strategies to enhance operational processes and ensure processes are in compliance with regulatory requirements.
• Design and implement Data Protection policies and procedures within the JNHT.
• Ensure that breaches of the data protection standards or violations of the provisions outlined in the Data Protection Act are addressed promptly.
• Review and update the Data Protection Plan regularly to ensure it aligns with any changes in laws, regulations, and policies.
• Ensure the timely collection of data, analysis, and reporting of data on key performance measures.
• Maintain a robust system to address and respond to queries and complaints.
• Ensure proper management and maintenance of personal data records, in compliance with data protection standards.
• Sensitize and train staff on the components of relevant Acts, Regulations and Policies related to data.
• Inform data controllers and data subjects about their rights, obligations, and responsibilities regarding data protection.
• Provide advice and recommendations to staff and the Executive Director regarding the interpretation and application of data protection rules.
• Collaborate with the Information and Communication Technology (ICT) Department to ensure compliance with the Data Protection Act in the JNHT’s ICT system.
• Collaborate with the Information and Communication Technology (ICT) Department to manage data security incidents and ensure timely resolution of issues such as security breaches, complaints, or subject access requests.
• Excellent critical reasoning, quantitative and qualitative analysis skills
• Strong environmental scanning, analysis, and interpretive skills
• Expert knowledge of the data protection law and practices
• Proficiency in the use of the relevant computer applications
• Knowledge of change management principles and practices
• Expert knowledge of auditing techniques and practices
• Good knowledge of risk management techniques and strategies
• Sound knowledge and understanding of GOJ policies and programmes and the machinery of government
• Sound knowledge of applicable laws, policies, regulation and procedures
• Strong negotiating and persuasive presentation skills

QUALIFICATION AND EXPERIENCE

•  Bachelor’s degree in law, Computer Science, Audit or equivalent qualification from recognized tertiary institution.
• Experience or knowledge in data privacy legislation (in particular GDPR).
• Experience or specialized training in records and information management systems.
• Certification in Information Security, Data Protection and/or Privacy Certification such as CIPP,CIPT, ISEB, etc. (preferred)
• Exposure to legal training.
• Minimum three (3) years related work experience.