Job Openings Data, Documents and Consent Manager

About the job Data, Documents and Consent Manager

About the organization:

The organization was founded in 1995, to provide pre-school education to children in Mumbai slums. Over the last 27 years, the organization has grown to be one of the largest non-profit organizations working to provide quality education to children and youth in over 20 states and union territories across the country, through a range of interventions.

About the Role:

The Data, Document and Consent Manager(DDCM) will play a pivotal role in ensuring Organisation's compliance with the provisions of the Digital Personal Data Protection and related data protection regulations in India. The DDCM will be responsible for overseeing all aspects of data storage and protection within the organization, including data storage, processing, privacy policies, security measures, and ensuring that the rights of Data Principals are upheld.

Data Compliance & Oversight:
  • Monitor and ensure compliance with the principles and requirements of the Data Protection Bill 2023.
  • Ensure the accuracy and completeness of data
  • Strengthen security safeguards to prevent a data breach
  • Develop and implement policies, procedures, and processes to ensure data protection and privacy compliance across the organization.
  • Oversee the organizations data processing activities, ensuring transparent and secure data collection, storage, and usage.
  • Review data processing activities, ensuring they align with the purpose and consent provided by Data Principals.
Privacy Impact Assessments (PIAs) and documentation:
  • Conduct and oversee Privacy Impact Assessments to identify potential privacy risks and recommend mitigation strategies.
  • Ensure maintenance of accurate records of data processing activities, data flows, and data sharing agreements in accordance with the Data Protection Bill requirements.
Data Storage, Drive, and Device Management:
  • Implement and oversee data storage solutions and shared drive management to ensure data is securely stored, organized, and accessible to authorized personnel.
  • Ensure adherence to data storage retention policies and data disposal practices.
  • Establish and maintain protocols for enterprise device management, including access controls, security configurations, and device lifecycle management.
  • Collaborate with IT teams to implement security measures on company devices to safeguard sensitive data.
Data Breach Management:
  • Establish and manage a data breach response plan, including notifying Relevant authorities when necessary.
  • Investigate and assess the impact of data breaches, recommend corrective actions, and ensure timely reporting to the relevant authorities.
Collaboration and Communication:
  • Conduct regular training sessions and workshops for employees, contractors, and stakeholders on data protection principles, policies, and best practices
  • Act as the point of contact for all matters related to data protection, both internally and externally.
  • Collaborate with cross-functional teams to ensure that data protection considerations are integrated into business processes.
  • Evaluate and oversee third-party data processors to ensure they comply with data protection regulations and contractual obligations.
  • Facilitate the exercise of Data Subject rights, such as data access, correction, erasure, and the appointment of representatives.

Functional Details:

Key competencies and traits:
  • Expected experience from 8-12 Years in a similar domain
  • Masters degree in law, information technology, data management, or related field (Advanced degree preferred).
  • Certification in data protection or privacy management (e.g., Certified Information Privacy Professional CIPP) is a plus.
  • Document management system knowledge, including box, dropbox, Sharepoint and other cloud solutions.
  • Strong knowledge of data privacy principles, practices, and emerging trends. In-depth understanding of the Digital Personal Data Protection Bill 2023 and relevant data protection laws.
  • Excellent analytical and problem-solving skills with a strong attention to detail.
  • Effective communication and interpersonal skills to liaise with various stakeholders.
  • Proven experience in data protection or privacy-related roles.
  • Familiarity with IT security and data protection technologies.