Data Protection Compliance Lead, Grade VIII
|Base is negotiable but there will be a requirement to regularly attend meetings in the Corporate Office, Heuston South Quarter, Dublin 8|
|Salary: See Description for Details|
|Closing Date: 13/07/2020||Closing Time: 12:00|
|Recruitment start: 25/06/2020|
The Child and Family Agency was established on 1st January 2014 and is responsible for improving wellbeing and outcomes for children. It represents the most comprehensive reform of services for the development, welfare and protection of children and the support of families ever undertaken in Ireland. It is an ambitious move which brings together some 4,000 staff who were previously employed within Children and Family Services of the Health Service Executive, the National Educational Welfare Board and the Family Support Agency.
The Child and Family Agency has responsibility for the following range of services:
- Child Welfare and Protection Services, including family support services
- Family Resource Centres and associated national programmes
- Early years (pre-school) Inspection Services
- Educational Welfare responsibilities including School completion programmes and Home School Liaison
- Domestic, sexual and gender based violence services
- Services related to the psychological welfare of children
- Adoption & Alternative Care
Further information is available on www.tusla.ie
Purpose of Role:
The Data Protection (DP) Compliance Lead is a Grade VIII role within Tusla, reporting to the Data Protection (DP) Compliance General Manager. The appointee is responsible for supporting the Data Protection Compliance General Manager in the oversight of the Data Protection Compliance Programme focussing on key initiatives and any other duties that may be assigned from time to time
Main Duties and Responsibilities
- Assess, enable, monitor and assure agency-wide data protection compliance and implementation of the Data Protection Compliance Programme.
- Contribute to the development of and communicate policies, procedures and guidelines and assist in the development and implementation of privacy controls across Tusla.
- Assess the framework for fair processing at the agency.
- Analyse how data is processed, and monitor and advise on how records of data processing are maintained for data protection compliance.
- Maintain the Register of Data Processing Activities and ensure that it is up-to-date, comprehensive and accurate.
- Assess escalated risks to data protection and risks to the Data Protection Compliance Programme and support risk treatment.
- Develop procedures for the onboarding, due diligence and risk assessment of third party data processors including working with key stakeholders to integrate third party controls in their processes.
- Maintain the Data Protection Risk Register and ensure it is up-to-date, comprehensive and accurate.
- Develop procedures and controls for the implementation of Data Protection Impact Assessments (DPIAs) and other privacy risk assessments.
- Advise, support and provide initial review of DPIAs.
- Support the identification and governance of third party data processing and data processing/sharing agreements across Tusla.
- Support the development and consistent execution of all data protection policies, procedures and practices across Tusla.
- Assist in preparing reports on the Data Protection Compliance Programme.
- Ensure the effective escalation of risks to the Data Protection Compliance Manager and the Data Protection Officer.
- Foster and develop cooperation with all across the Agency.
- Embed awareness of data protection across Tusla.
- Embed a culture of data protection ownership across Tusla.
- Act as internal point of contact on queries regarding the Register of Data Processing Activities, the Data Protection Risk Register, Data Protection Impact Assessments and data protection policies, procedures and guidelines, escalating to Data Protection Compliance Manager as appropriate.
Health & Safety
- Comply with and contribute to the development of policies, procedures, guidelines and safe professional practice and adhere to relevant legislation, regulations and standards.
- Have a working knowledge of the Health Information and Quality Authority (HIQA) Standards as they apply to the service for example National Standards for Child Protection and Care and comply with associated Tusla – Child and Family Agency protocols for implementing and maintaining these standards as appropriate to the role.
- To support, promote and actively participate in sustainable energy, water and waste initiatives to create a more sustainable, low carbon and efficient health service.
The above Job Description is not intended to be a comprehensive list of all duties involved and consequently, the post holder may be required to perform other duties as appropriate to the post which may be assigned to him/her from time to time and to contribute to the development of the post while in office.
Please refer to the Candidate Information pack attached to this campaign for full and further detail
Applicants must by the closing date of application have the following:
Be in current employment with Tusla – Child and Family Agency,
Or direct employment with the HSE or within
other statutory health agencies, or a body which provides services on behalf of the HSE
under Section 38 or 39 of the Health Act 2004 or within a body that provides services on
behalf of Tusla under Section 56 or Section 59 of the Child and Family Act 2013
Have at least 3 years’ management experience – managing resources, projects, organisational change initiatives; and general administration
Have a minimum Level 8 qualification on the National Framework of Qualifications in Ireland (or equivalent in another jurisdiction) in a relevant discipline (i.e. management, law, regulation, compliance, computer science), and / or qualified ACOI Compliance Professional or CIPP-E, CIPM or other equivalent data protection certification holder.
Significant experience of one or more of the following:
- Knowledge of the law and practice of the General Data Protection Regulation and the Irish Data Protection Act 2018.
- Experience of compliance reporting processes and communications to supervisory authorities and governance bodies, preferably in the area of data protection.
- Experience of the development and communication of policies, procedures and guidelines and the development and implementation of privacy controls.
- Experience of risk based compliance frameworks, control design and implementation, preferably in the area of data protection.
Candidates must possess the requisite knowledge and ability, including a high standard of suitability, for the proper discharge of the office.
Have excellent general IT skills including MS Office, Word, PowerPoint and Excel skills.
A candidate for and any person holding the office must be fully competent and capable of undertaking the duties attached to the office and be in a state of health such as would indicate a reasonable prospect of ability to render regular and efficient service.
Each candidate for and any person holding the office must be of good character
Already a member of our Talent Pool? Login here to Apply
Join our Talent Pool + submit your application