Responsibilities
Develop and implement data privacy policies and procedures in accordance with applicable data protection laws and regulations.
Monitor and assess the organization’s data privacy risks and vulnerabilities, conduct regular assurance monitoring and risk assessments.
Provide expert guidance to internal teams on data privacy best practices and ensure compliance with privacy requirements.
Collaborate with IT and security teams to implement technical measure for data protection, encryption, and access control.
Conduct data protection impact assessments (DPIAs) for new projects or initiatives involving the processing of personal data.
Manage and respond to data subject access requests (DARs) and other privacy-related inquiries from individuals, law enforcements and authorities.
Identify risks and update assessment on compliance risks, controls and actions for in the Risk and Control Self-Assessment (RCSA) system.
Raises awareness of the business units concerning the three-line of defense risk management model.
Requirements
In-depth knowledge of data protection laws and regulations, such as PDPO, PIPL, GDPR, PDPA, or other relevant data privacy frameworks.
Solid working experience in the data privacy and protection laws
Professional qualification in data privacy, life insurance, Compliance, Internal Audit or related disciplines is preferred