Data Protection Officer (GMG/SEG 3)

 JOB PURPOSE

Under the general leadership and direction of the Chief Programme Officer, the Data Protection Officer will be responsible to monitor compliance and data practices in an independent manner, of the Ministry, the Regional Health Authorities and its other agencies and their functions with regard to the provisions of the Data Protection Act 2020 of the Government of Jamaica. The incumbent will also serves as the primary point of contact within the Ministry for all data subjects including members of staff, clients/patients, suppliers any relevant public bodies on issues related to data privacy and data protection. The Data Protection Officer also reviews policies that enforce compliance with applicable legislation and train staff to increase awareness of data privacy and protection requirements.

KEY OUTPUT

• Ministry’s Data Protection Policy and Guidelines;
• Internal Data Protection Framework established
• Data Protection Compliance Audits
• Advice regarding Data Protection Impact Assessments (DPIAs) provided
• Data protection and compliance training developed
• Data protection and compliance training material reviewed
• Nonconformities addressed
• Compliance Gap Assessment Report produced
• Data Subject Access Request (DSAR) Log reviewed
• Monthly/Quarterly DPA Compliance Status Reports submitted
• Deviation Report prepared and submitted
• Advice on Data Protection and privacy related issues provided
• Robust and comprehensive Data Quality and Protection controls established
• Technical advice/information provided
• Reports, Cabinet Submissions/Notes, technical papers, and publications prepared and issued
• Stakeholder Relationships established and maintained
• Annual/Quarterly/Monthly performance Reports prepared
• Individual work plans developed
   

Key Responsibility Areas

Management/Administrative Responsibilities

• Develops Individual Work Plans based on alignment to the overall plan for the section;
• Establishes and maintains various Data Protection/Privacy Policy Committees/Technical Working Groups that provides policy insight and makes recommendations for the implementation of improved procedures and systems;
• Prepares and delivers presentations related to Data Protection/Privacy Policy as needed;
• Participates in meetings, seminars, workshops and conferences as required;
• Prepares reports and programme documents as required;
• Maintains customer service principles, standards and measurements.

Technical

• In-depth knowledge of Data Protection Law and Regulatory frameworks;
• Good knowledge of information technology and data management systems;
• Good knowledge of the GoJ Records and Information Management Policy;
• In-depth knowledge and expertise in quantitative and qualitative methodologies, reporting, data quality assessments, data analysis and presentation
• Good knowledge of the development, analysis, revision and implementation of policies, programmes, procedures, guidelines, programmes and legislation;
• Strong ability to synthesize multiple ideas and complex information into a coherent summary, as in reports and briefing notes, and to make cogent recommendation for the modification or creation of legislation, policies and programmes;
• Superior verbal and written communication skills, with the ability to deliver presentation with tact, clarity, enthusiasm and accuracy to widely varied audiences;
• A high level of initiative and self-motivation;
• Demonstrated interpersonal and negotiation skills;
• Aptitude for developing and maintaining collaborative relations with team members both within and outside the Ministry, and for functioning effectively on inter-ministerial and multi-sectoral committees and working groups;
• Familiarity with procedures, policies and legislation governing the machinery of government;
• Knowledge of the Government processes, including policy development, financial planning, performance management systems and basic theories, principles and methods of analysis;
• Knowledge of computerized systems and software, with an emphasis on the MS Office suite and projects.
• Demonstrate a high level of confidentiality in execution of duties with the ability to act in an independent manner free of any real or perceived conflicts.
• Ability to work well under pressure and manage sensitive and confidential information

Other Responsibilities:

• Any other assigned duties not specifically outlined within the job description but are within the capacity, qualifications and experience normally expected from a person occupying this position

Minimum Required Education and Experience

• Undergraduate Degree in Information Security, Law, Computer Science, Information Technology, Data Privacy, or a related field.
• At least one Data Protection and/or Privacy certification such as, CIPP, CIPT, ISEB, etc., (preferred).
• At least 3-5 years’ work experience in Privacy, Compliance, Information Security, Auditing, or a relevant field (Law, Business Administration, Information Technology)

The Ministry of Health & Wellness thanks all applicants for their interest; however, please note that only short-listed candidates will be contacted.