To ensure that processing of the personal data of its staff, customers, providers or any other individuals is in compliance with the applicable data protection laws.
Our client is an established Insurance Broker.
The Group DPO is responsible for:
- monitoring compliance with the EU General Data Protection Regulation (GDPR), other data protection laws such as the UK Data Protection Act 2018, and our data protection policies, including internal data protection activities, raising awareness of data protection issues, training staff and conducting internal audits;
- providing advice and information on our data protection obligations to comply with the GDPR and other data protection laws;
- providing advice on the conduct of and monitoring of data protection impact assessments (DPIAs);
- cooperating with the UK Information Commissioner's Office (ICO) or relevant supervisory authority;
- taking a risk-based approach to data protection:
  - having regard to the risk associated with processing operations and taking account of the nature, scope, context and purposes of processing;
  - prioritising focus on the more risky activities, e.g. where special category (sensitive) personal data is processed, or where the potential impact on individuals could be damaging;
- being the lead contact for all data protection queries with regard to potential complaints and breaches, ensuring that data subject rights requests are properly handled;
- acting as a contact point for the ICO or relevant supervisory authority on all data protection issues, including data breach reporting.
- Experience in handling data subject rights requests.
- An understanding of how to build, implement and manage data protection programmes for Insurance Brokers or Underwriters.
- Knowledge of UK and European data protection law and an in-depth knowledge of the GDPR.
- An understanding of the technical and organisational measures that should be in place to ensure the security of personal data, and familiarity with information technologies and data security.
- Experience in auditing and risk management.
- Certified DPO or Certified GDPR Practitioner (either preferred).