Pension Insurance Corporation (“PIC”) provides secure retirement incomes through comprehensive risk management and excellence in asset and liability management, as well as exceptional customer service. Our purpose is to pay the pensions of our current and future policyholders. We achieve our purpose by setting Companywide strategic objectives and driving a healthy culture based on our PIC Values of Resilient, Adaptable, and Loyal.
Role purpose
- Partners with the current Head of Data Protection Office and General Counsel in leading all Data Protection Office activities to maintain and achieve compliance with internal policies and procedures, and regulations and laws relating to data or information processing performed by PIC or third parties on which PIC depends for data processing purposes.
- Defines, maintains and promotes awareness, understanding, adoption of Data Protection within PIC.
- Embeds Data Protection regulations and professional standards across PIC.
- To remain informed of, and assess, industry leading practice, for applicability within PIC and to actively promote its implementation.
- To provide effective and timely challenge and support to key stakeholders and groups across PIC, including CISO and Chief Data Officer
- Our Company values are expected to be reflected in the delivery and performance of every role.
Specific accountabilities assigned to the role of Deputy DPO within the Legal, Company Secretary & DPO function:
- Conduct a full and thorough analysis of PIC’s privacy and data protection systems, processes and governance framework providing a comprehensive report to senior management on the findings and recommendations, including determining:
o the degree to which PIC meets ICO requirements;
o the degree to which PIC meets or exceeds industry best practice; and
o timeline for any remedial and/or enhancement actions, to be agreed with the designated Data Protection Officer.
- Responsible for the design and roll out of guidance materials and internal training to educate to develop knowledge and understanding of GDPR compliance, data privacy and governance, and AI regulation across PIC.
- Responsible for the completion of data subject access requests in line with ICO requirements and PIC internal governance and control framework.
- Work collaboratively with other centres of excellence to include but not limited to Data Office, Information Security, HR, Business Services, Operations, and Origination to conduct data protection and privacy impact assessments (DPIAs) submitted as part of any change activities, identifying necessary control requirements or actions to be addressed.
- Adequately maintain privacy records and documentation, such as privacy notices, records of processing activities (RoPA), legitimate interests assessments as required.
- Take ownership for own learning and development in both technical (e.g. legislation and regulatory guidance, and critical judgement) and non-technical (self-insight and relationship management) skills.
- Keep informed of industry trends, market developments, regulatory changes in the public and private sectors, as well as best practices related to data protection (privacy) by attending industry seminars, reading and sharing relevant published articles.
