Data Privacy Business Partner

The main purpose of this position is to facilitate and ensure the implementation of privacy standards for the assigned business clusters and to provide specialist consultancy on privacy to business clustersDetailed descriptionFacilitate the implementation of personal information (PI) measures as well as privacy tools, standardsand procedures for the assigned business clusters to ensure the lawful processing of PI.Conduct impact assessments on existing processes and new projects for the assigned business clusters to identify compliance gaps and recommend remedial actions.Drive the implementation of remedial actions on existing processes and new projects for the assignedbusiness clusters.Identify privacy training needs and gaps, and facilitate relevant training within the assigned businessclusters.Conduct and/or oversee audits on existing and new PI processes (including high-risk third parties) in the assigned business clusters, according to the priority agreed with the Data Protection Officer.Analyse data and identify patterns for the assigned business clusters, and provide insights andrecommendations to address any compliance gaps.Compile privacy reports for the assigned business clusters to the departmental management committees on compliance with the Protection of Personal Information Act 4 of 2013 (POPIA).Ensure that any PI breaches are logged correctly by the assigned business clusters.Conduct the preliminary investigation in incident handling for any PI breaches, and coordinate and/orparticipate in problem identification, root cause analysis and recommendations to prevent futureoccurrences.Stay current with PI knowledge and skills in order to maintain professional expertise and relevantaccreditation.Establish and maintain stakeholder relations (internal and external) for ensuring continued compliancewith PI conditions.Keep abreast of industry developments and best practice, and ensure the application thereof within own work.Facilitate the implementation of the third-party risk assessment framework to ensure that third-party contracts comply with PI conditions.Job requirementsBachelor's degree in Compliance or Law (NQF 7), or an equivalent qualificationAt least 3-5 years of relevant work experience in data privacy and protection programme management processes, practices, technologies, risk management, audit and/or complianceAt least 5 years of regulatory experience in the banking industry