Deputy Privacy Officer at Discovery Limited

Ensures privacy operationalisation by implementing, operating and enforcing information governance and privacy controls and safeguards in line with the group information governance and privacy strategy, and data privacy legislation. This is achieved by providing oversight and implementation of all data privacy activities within the Discovery Central Services (DCS) in line with Data Privacy legislation and regulations. This will also provide support to the Group Information Officer in fulling their task in oversight and support of information governance and privacy strategy across the Discovery Group. The DIO is responsible to identify, govern, control, communicate and protect information assets within DCS in line with data privacy legislation and regulations, in conjunction with the relevant business and technical owners of systems and processes. Reviewing and oversight of information governance and privacy controls and providing operational insight to complete management of the information governance and privacy capabilities. Plays a key role in developing, maintaining and continuing to enhance the information governance and privacy posture of Discovery by the efficient operation, maintenance and control of these capabilities.

Areas of responsibility may include but not limited to

• Participate in development of information governance and privacy in support of business objectives and arising risks with particular focus on information governance and privacy capabilities, operational and service excellence within DCS.
• Cultivate and manage objective working relationships with a variety of stakeholders, including end-users, SME’s, project managers, senior staff members and security personnel across DCS.
• Coordinate, drive and manage information governance and privacy project implementations and rollouts to ensure successful implementation within agreed timelines and ensure effectiveness of projects by ensuring efficiency including business case development and financial analysis.
• Promote and encourage information governance and privacy excellence. Develop a service culture which builds rewarding relationships, proposes innovations, and allows others to provide exceptional client service
• The encouragement of compliance, by DSC, with the conditions for lawful processing of personal information;
• Dealing with requests for information made to Discovery Business Unit pursuant to POPIA and PAIA in conjunction with the Group Information Officer
• Working with the Group Information Officer in relation to investigations conducted pursuant to Chapter 6 dealing with prior authorisation, in relation to Discovery Business Unit;
• Communication with the Information Regulator, where necessary on matters related to information privacy or access;
• Ensuring the documentation of processing activities regarding personal information processing;
• Conducting data privacy impact assessments when personal information is processed to ensure adequate measures and standards exist to comply with conditions of lawful processing;
• Ensuring the documentation of processing activities regarding personal information processing;
• Submission of reports with regards to data subject access requests, assessments, complaints and breaches to the Group Information Officer – or as defined in the regulations;
• Ensuring the privacy risk assessments are carried out relating to the implementation of data privacy legislation;
• Providing input and sign-off into privacy impact assessments carried out by the entity.
• Reporting to the appropriate Group committee

Personal Attributes And Skills

• Values Driven
• Optimistic
• Learns on the Fly
• Resilient
• Instils Trust
• People Savvy
• Drives Results
• Problem Solver

Education

• Information management related Diploma / Degree
• Privacy management related Diploma / Degree or Certification
• Privacy management certification e.g. CIPM or CIPT (IAPP certification)
• Business management

Experience

• 10+ Years Information governance and privacy experience
• Of which 3+ Years’ experience is in privacy operational management
• Knowledge of privacy management aspects.
• Ability to define tasks needed to accomplish goals and assigns and co-ordinates people, tasks and resources to ensure an efficient flow of work.
• Ability to make firm and, if necessary, swift decisions, sometimes with limited information; assesses risk and accepts responsibility for the resulting action
• Technical knowledge and experience working with information governance and privacy specific control capabilities across both technical and business domains.