Infosys BPO - Data Privacy Risk Lead - CIPP/DCPLA/DCPP

Infosys BPO - Data Privacy Risk Lead - CIPP (US/EU/IT), DCPLA, DCPP

What are we looking for in you:

Educational Requirements (Must have):

- Graduation in Engineering with at least 11 years of Experience, OR

- PG / Master of Business Administration, with at least 10 years, OR

- Non Engineering Graduate with at least 12 years of Experience

Skills & Certifications:

- Excellent understanding of internal processes and systems of various enterprise functions.

- Excellent understanding of Delivery operations.

- Quick Learner.

- Excellent Business Communication.

- Privacy Certifications such CIPP (US/EU/IT), DCPLA, DCPP

Responsibilities

Enterprise & Engagement focused:

- Lead and collaborate in the formulation of policies related to collection and processing of personally identifiable information, based on the Privacy & Data Protection Laws of the countries in which the company operates or would like to expand its operations.

- Implement and monitor the data privacy policies and associated processes across functions and business units.

- Risk Management: Identity process level and engagement level risk by performing risk audit, and discussion with process owner and COHs; Assess effectiveness of process audit and deployment of risk assurance framework, Track implementation.

- Proactively partner with functional groups (HR, Finance, CCD/TIG, Facilities) to ensure that the adoption of new technologies, processes, services and solutions are compliant with the applicable data privacy regulations

- Assess the development & enhancements of internal processes & systems and recommend privacy related controls.

- Conduct employee awareness on lawful handling of personally identifiable information, as part of their work.

- Identify risks and also plan and implement the risk mitigation plans

- Lead the data breach handling process for effective addressing of privacy related gaps (if any) reported, in the current process & systems.

- Manage the process related to personal data access requests from individuals.

- Assess subcontracting/outsourcing of any processing of personally identifiable information and recommend privacy related controls (including inclusion of appropriate clauses in the vendor contract.

- Liaison with external Privacy and Data Protection Counsel for expert views and audits.

- Identify and implement internal initiatives on Data Privacy.

Client focused:

- Partner with the product development team in the development of new products (including cloud based) and recommend privacy related features/controls, in summary Privacy by Design.

- Review and respond to privacy related sections in the RFI/RFQ/MSA from clients and collaborate in the feasibility study of privacy related requirements/clauses of the prospect, in the pre-contract sign-off stage.

- Advise the delivery teams regarding implementation of the privacy related requirements.

- Conduct employee awareness on lawful handling of personally identifiable information, as part of their work.

- Assess subcontracting/outsourcing of any processing of personally identifiable information and recommend privacy related controls (including inclusion of appropriate clauses in the vendor contract.

- Conduct internal audits.

- Lead the data breach handling process to effectively address privacy related gaps if any, in the current process & systems.