Job Title and Grade: Data Protection Compliance Specialist – Grade VII
Department: National Data Protection
Taking up Appointment: A start date will be indicated at job offer stage.
Location: Dublin 8. This job will be hybrid.
Details of Service
The HSE National Data Protection Office is one of the functions within the OPI division. The Data Protection Act 2018 (Act) (No 7 of 2018) was enacted on 24 May 2018 and established the Data Protection Commission and gave further effect to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data. The Regulation is commonly known as the General Data Protection Regulation (GDPR). The holder of the post is the Designated Data Protection Officer (DPO) under legislation.
The HSE is both a Data Controller and a Data Processor under the Regulation. They will be the primary point of contact for HSE staff, service users and suppliers in relation to personal data and will take an independent view on all matters relating to data protection across the HSE.
Reporting Relationship
The post holder will report to the appropriate designated Manager.
Key Working Relationships
The VII Data Protection Compliance Specialist will work closely and collaboratively with:
* HSE Services Nationally
* Members of the public and HSE staff who may contact the DPO office or Data Notification Service in relation to the May 2021 Cyber Attack and other data protection queries
* Other government departments and organisations who are working with the HSE on programmes of work who seek data protection advice
Purpose of the Post
The Grade VII Operational Compliance and Improvement will be a key member of the DPO Team leading on assigned programmes, specifically the Data Notification Service which is dealing with responding to those individuals notified as a result of the May 2021 Cyber Attack on the HSE. The role holder will also take an active role in the implementation of Privacy Engine across the HSE and its affiliate organisations, whilst constantly seeking quality improvement across all HSE National Data Protection Office capabilities including but not limited to RoPA, DSARs and DPIA.
Principal Duties and Responsibilities
The position of Grade VII encompasses both managerial and administrative responsibilities which include the following:
Oversight/Monitoring and Assurance
* Supporting and coordinating the full life cycle of Data Subject Access Requests (DSARS) for the Data Notification Service.
* Work towards full compliance in line with HSE data protection policy and GDPR legislation in the management of all DSAR requests related to the May 2021 Cyber Attack.
* Understanding, adhering to, and following all standard operating procedures relating to Data Notification Service.
* Managing complex data protection queries and complaints related to the May 2021 Cyber Attack.
* Produce reports and data updates on the work related to the Data Notification Service.
* Support the delivery of Privacy Engine in the HSE.
* Assist the DPO in the management and delivery of the Privacy Engine across the HSE.
* Provide SME input to review and challenge Records of Processing Activities, Data Privacy Impact Assessments, and Data Sharing Agreements.
Administration
* Ensure the efficient management and administration of area of responsibility.
* Execute assignments in accordance with agreed plans, budgets, and deadlines.
* Prepare regular reports on the progress of work against the operational plan.
* Inform management of ideas/solutions to maximise effective use of resources/improve service delivery.
* Participate in and lead project working groups.
Human Resources / Supervision of Staff
* Supervise and enable other team members to carry out their responsibilities.
* Manage the performance of staff, dealing with underperformance in a timely and constructive manner.
* Conduct regular staff meetings to keep staff informed and to hear views.
Customer Service
* Promote and maintain a customer-focused environment.
* Seek feedback from service users/colleagues to evaluate service and implement change.
Service Delivery and Service Improvement
* Promote and participate in the implementation and management of change.
* Maintain a good understanding of internal and external factors that can affect service delivery.
Frameworks and Policies
* Monitor the implementation of all relevant Data Protection Policy and Guidelines.
* Review the effectiveness of relevant privacy risk management frameworks, policies, systems, processes, and tools.
Eligibility Criteria
Qualifications and/or experience
* Have satisfactory experience in an office under the HSE or similar.
* Have not less than two years satisfactory experience in a comparable role.
* Must possess the requisite knowledge and ability for the proper discharge of the office.
Health
A candidate must be fully competent and capable of undertaking the duties attached to the office.
Character
Each candidate must be of good character.
Post Specific Requirements
* Working knowledge of the laws, regulations, and practices relating to the protection of personal data specified in Data Protection Acts and GDPR.
* At least 3 years’ experience in a comparable role ideally within a regulatory or public sector organisation.
* Proven experience of staff management.
Skills, Competencies and/or Knowledge
* Demonstrates knowledge and experience relevant to the role.
* Maximises the use of ICT, demonstrating excellent computer skills.
* Demonstrate the ability to work in line with relevant policies and procedures.
Campaign Specific Selection Process
A ranking and or shortlisting exercise may be carried out on the basis of information supplied in your application form. The criteria for ranking and or shortlisting are based on the requirements of the post as outlined in the eligibility criteria and skills, competencies and/or knowledge section of this job specification.
Those successful at the ranking stage will be placed on an order of merit and will be called to interview.
Application
Should the role be of interest to you, please apply with your current CV.
#J-18808-Ljbffr