Title:
Data Protection Manager
Office: Belgrade
Role Summary
The DPM will be key to developing and improving Sanne’s Data Protection provisions and will provide advice and guidance to our staff across the globe. As a key partner to our clients, protecting personal data and maintaining high standards of practice are core principles for us. The post holder will be expected to develop these policy and procedures, maintain a privacy and data protection knowledge base, deliver presentations, and facilitate both face to face and on-line training to a wide audience across all our operating businesses. The DPM role is a demanding position, requiring a willingness to travel globally and provide training and awareness support to a wide range of employees. The post holder will be required to prioritize their working arrangements on an ongoing basis and demonstrate commitment to partnership working with divisional, jurisdictional, regional and support function heads.
This post will be a crucial in supporting the development of a mature information risk management capability in Sanne, and ensure that all governing statutory requirements are met in relation to data protection.
Key Responsibilities
- Define, deploy and maintain a Data Protection Management System which will drive Data Protection Compliance with all governing regulation
- Identify legal requirements and best practice
- Act as or support the in-country lead contact (with the relevant Information Commissioner’s Office) with regard to potential complaints and breaches, ensuring that requests for information are properly handled
- Undertake an oversight role and provide monitoring data to the various legal entity boards and the PLC Audit and Risk Committee on organizational compliance and conformance
- Develop and deliver a comprehensive privacy awareness training program, including face- to-face and online training
- Coordinate Data Protection Act activities (including training) with other information governance leads e.g. Information Security Officer
- Ensure organizational compliance, and conformance with Data protection Principles and highlight key risk areas to the Chief Risk Officer
- Develop, implement and enforce a suitable and relevant Data Protection Policy and ensure it is reviewed on an annual basis
- Develop, implement and enforce a suitable and relevant internal Data Sharing Code of Practice and ensure that it is supported by Sanne’s policies and procedures
- Provide information and guidance on the processing of all personal data
- Process, coordinate and respond to all requests for information
- Maintain and establish a register of data owners for sets of information and educate the data owners on their responsibilities (what is data, how is it used, who has access to it).Maintain data flow maps as necessary. Ensure Sanne’s annual notifications to the relevant Information Commissioner’s Office’s
- Undertake systematic Data protection Act compliance audits in accordance with the Information Commissioners audit tool, extending to outsourced or co-sourced partners where appropriate
- Assist with investigations into complaints about breaches of the act and undertake reporting/remedial action as required. Maintain a log of any incidents and remedial recommendations and actions
- Provide comprehensive reports to the Chief Risk Officer on the organizations compliance with the Data Protection Act and related provisions
- Interpret and provide guidance to the organization on forthcoming and actual changes to relevant legislation relating to Privacy and the Data Protection Act
- Promote Data protection awareness throughout the organization by providing training and written procedures that are widely disseminated and made available to all staff and branch officials
- Develop and implement a Privacy Impact Assessment tool
- Establish an organizational Data protection group and develop and implement an awareness and training program
- Ensure that developments in Data Protection requirements and legislation are tracked and that the organization is in a position to comply with future requirements
- Advise on Information good practice and standards related to Sanne’s overall IT strategy needs, including business continuity requirements, and participate in any future Information projects
- Define, update and maintain the retention schedule and physical items inventory log
- Manage the Sanne Information and archiving process, providing advice and guidance to users on the retention schedule, storage requirements, assisting facilities management in the management of the relationship with the off-site archiving and storage provider and out requirements thereof
Skill & Experience Requirements
The ability to develop policies, strategies and problem solving solutions using or understanding:
- Legal requirements for compliance, and proper legal practices in relation to organizational practices and solutions
- Information systems and data bases to efficiently develop processes
- An awareness of the regulatory environment, and how service providers in the alternative investments space need to adapt and prioritize data protection issues
- Risk management and risk reduction techniques to facilitate continuous improvement
- Risk analysis, risk management, and quality assurance principles & practices
- The Data Protection Act (1998), 17th EU Directive, Information Security principles and practice (inc. ISO27001)
Well-developed interpersonal skills including:
- Leadership & team work
- Ability to mentor, coach and train
- Ability to handle and resolve difficult relationships
- Strong presentation skills and experience with daily written correspondence, reports and newsletters
- Ability to take initiative and independence involving decision making and discretion
- Contributing to a positive and cohesive team culture
- Ability to create training plans and deliver these to staff at all levels
FLSV Fund Administration Services, a Sanne Group Company, is a premier fund administration service provider of alternative assets located across the globe. FLSV is a rapidly growing firm that is expanding its operational support model with resources located in Belgrade.
SANNE is a specialist global provider of outsourced corporate, fund and private client administration, reporting and fiduciary services. Established for over 25 years and listed on the Main Market of the London Stock Exchange, SANNE employs more than 1,000 people worldwide and administers structures and funds that have in excess of £160 billion of assets. Key clients include alternative asset managers, financial institutions, family offices, UHNWIs and corporates. SANNE has a presence in established, international financial centres spread across the Americas, Europe, Africa and Asia-Pacific. For more information, please visit www.sannegroup.com.
Deadline for applications: 18.05.2017.