Responsibilities:

• Ensure the conduct of Privacy Threshold Assessments and Privacy Impact Assessments
• Use Privacy Impact Assessments and recommendations from Privacy Assessment Memos to develop and update the company’s privacy program
• Review risk treatment plans with risk owners and monitor its implementation
• Ensure proper Data Breach and Security Incident management by the company, including the latter’s preparation and submission to the Commission of reports, where applicable, and other documentation concerning personal data breaches within the prescribed period
• Adopt a Privacy by Design approach, advocate for the development, review and/or revision of policies, guidelines, projects and/or programs of the company relating to privacy and data protection
• Cooperate and coordinate with, and seek the advice of, the Commission on matters concerning data privacy and security
• Perform other duties and tasks, including those set forth elsewhere in this Policy, that will further the interest of data privacy and security and uphold the rights of the Data Subjects

Qualifications:

• Strong understanding of the Data Privacy Act and privacy laws in other jurisdictions
• Familiarity with data privacy and information security best practices
• Information Technology and Data Management
• Audit/Risk Management
• Business Process Management
• Program & Project Management