Data Protection Analyst, MIS/IT 7

JOB PURPOSE 

Under the general leadership and direction of the Principal Director – Health Informatics, the Data Protection Analyst will be responsible for the development of Data Protection/Privacy policies, procedures, controls and guidance which ensures MOHW’s compliance with relevant Data Protection regulations where applicable and globally accepted standards for Health Informatics. The Analyst ensures that appropriate protocols are in place and that all areas across MOHW are always adhering to them. Additionally, the post provides legislative advice on all matters relating to the general Data Protection and privacy area.

 

KEY OUTPUTS 

• Research, development and implementation of Data Protection and privacy policies and procedures for Health Informatics managed
• Data Protection/Privacy Governance Frameworks and strategies to managed
• Legislative advice on all matters relating to the Data Protection and privacy provided
• Robust and comprehensive Data Quality and Protection controls managed
• Data Protection training provided
• Technical advice/information provided
• Reports, Cabinet Submissions/Notes, technical papers, and publications prepared and issued
• Stakeholder Relationships established and maintained
• Annual/Quarterly/Monthly performance Reports prepared
• Individual work plans developed

 

KEY RESPONSIBILITY AREAS 

Management/Administrative Responsibilities 

• Develops Individual Work Plans based on alignment to the overall plan for the section;
• Establishes and maintains various Data Protection/Privacy Policy Committees/Technical Working Groups that provides policy insight and makes recommendations for the implementation of improved procedures and systems;
• Prepares and delivers presentations related to Data Protection/Privacy Policy as needed;
• Participates in meetings, seminars, workshops and conferences as required;
• Prepares reports and programme documents as required;
• Maintains customer service principles, standards and measurements.

 

Technical/Professional Responsibilities

 

• Provides overall management for the research, development and implementation of Data Protection and privacy policies and procedures in support of Health Informatics/e-Health;
• Manages and owns any changes to policies and working practices relevant to the Data Protection and privacy area;
• Identifies and addresses areas where the MOHW needs to review strategy, policy or procedure, or increase colleague awareness and training in Data Protection and Privacy;
• Researches, designs and implements Data Protection/Privacy Governance Frameworks and strategies to manage the use of health informatics and e-health data in compliance with the requisite standards and guidelines;
• Provides legislative advice on all matters relating to the general Data Protection and privacy impact assessments issues by ensuring MOHW compliance with applicable legal framework and policy guidelines;
• Designs, implements and monitors robust and comprehensive Data Quality and Protection controls across the MOHW that supports the Information Systems for Health functions;
• Devises, updates and reports on data and information management controls, issues, breaches and major incidents to pertaining to health informatics/e-health;
• Maintains appropriate records to enable MOHW to liaise effectively and legally with the relevant supervisory authorities where applicable;
• Provides expert advice, guidance and information to the MOHW and those partner agencies/departments/RHAs processing health data regarding their legal obligations as required;
• Develops and manages data protection compliance frameworks by ensuring compliance checking activities are undertaken and compliance checking schedules are in place;
• Develops and implements protocols and frameworks for coordinating and conducting data privacy audits;
• Conducts regular reviews of the MOHW’s data processing operations and the accessibility of personal data pertaining to Health Informatics/e-Health;
• Manages systems that ensures appropriate assignment of responsibilities in relation to the management of data and information and the processing and protection of personal data;
• Applies a systematic approach to decision making and problem solving by calculating and identifying risks involved in various aspects of the functional area;
• Works with key internal stakeholders in the review of projects and related data concerning Health Informatics/e-Health to ensure compliance with local data protection and privacy laws where applicable;
• Monitors development and changes to Jamaican data protection and privacy laws; and makes recommendations to the Data Privacy and Information Governance to bolster processes and systems concerning Information Systems for Health;
• Develops and delivers Data Protection and privacy training to various stakeholders in the healthcare sector;
• Monitors the industry landscape to keep visibility on evolutions, trends, and best practices related to Data Privacy;
• Develops and implements strategies and initiatives to ensure engagement with key internal and external stakeholders relating Data Protection and privacy matters;
• Collaborates with internal and external Information Security functionaries to raise stakeholder awareness of data privacy and security issues concerning the health sector;
• Collaborates with internal and external Information Security functionaries in the development and implementation of procedures and systems to maintain records of all data assets and management of data security incidents;
• Promotes and embeds good Data quality and Information security principles across the MOHW and related stakeholder groupings;
• Keeps abreast of Data Protection and Privacy for Health and e-Health initiatives to ensure adherence to international standards and competitiveness.

 

Human Resources Responsibilities 

• Contributes to and maintains a system that fosters a culture of teamwork, employee empowerment and commitment to the Division’s and organization’s goals;
• Assists with the preparation and conducts presentations on role of Division/Branch/Unit for the Orientation and Onboarding programme.

 

Other Responsibilities 

• Performs all other related duties and functions as may be required from time to time.

 

PERFORMANCE STANDARDS 

• Research, development and implementation of Data Protection and privacy policies and procedures for Health Informatics managed through the application of evidence-based method, agreed guidelines and timeframes;
• Data Protection/Privacy Governance Frameworks and strategies to managed according to established principles, guidelines and timeframes;
• Legislative advice on all matters relating to the Data Protection and privacy provided are grounded in legal research and delivered in a timely manner;
• Robust and comprehensive Data Quality and Protection controls managed according to established principles, guidelines and timeframes;
• Data Protection training provided according to established principles, guidelines and timeframes;
• Technical advice and recommendations provided are sound and supported by qualitative/quantitative data;
• Cabinet Submissions, policy/programmes recommendations and briefs or position papers on technical matters are appropriately prepared and submitted within the required timeframes;
• Reports are comprehensive, accurate and submitted within the required timeframes;
• Stakeholder Relationships established and maintained in a harmonious and productive manner;
• Annual/Quarterly/Monthly performance reports are prepared in accordance with agreed format, are accurate and submitted on time;
• Individual Work Plans developed in conformity to established standards and within agreed timeframes;
• Confidentiality, integrity and professionalism displayed in the delivery of duties and interaction with staff.

 

INTERNAL AND EXTERNAL CONTACTS

Internal Contacts

Contact (Title)	Purpose of Communication
Principal Director – Information Systems for Health; Director – Health Informatics	Support the Director in consultations with the relevant PD on Data Protection/Privacy matters, by providing accurate information and interpretation of issues relevant to the delivery of key policy initiatives and timely responses to sensitive or contentious issues Collaborate and maintain open relationships to expedite responses and information transfer
Senior Executives/Head of Divisions	Provide expert Data Protection/Privacy policy/programme development and implementation advice to influence decisions, support initiatives; Ensure that executives are fully informed of the organisation’s Data Protection/Privacy programmes and specific policy response initiatives.
General Staff	Receive and exchange information

 

External Contacts

Contact (Title)	Purpose of Communication
Ministries/Departments/Agencies/ Health Authorities	Establish effective high-level networks with Executive Directors/Directors, to enable performance benchmarking, monitor industry trends, maintain currency, and collaborate on common Data Protection/Privacy policy/programmes responses to emerging and future issues; Optimize engagement, consultation, negotiation and facilitation of policy/programme alignment, implementation and response. Collaborate on strategic planning interventions to influence decisions, support initiatives.
Attorney Generals Chambers/ CPC	Engage with key contacts to monitor the progress of Data Protection/Privacy Legislative agenda and drafting through decision making processes.
Cabinet Office ICT Authority	Engage with key contacts to monitor the progress of Data Protection/Privacy policies/programmes through decision making processes Collaborate on strategic planning interventions to influence decisions, support initiatives.
Technical Committees	Foster effective proactive relationships with other stakeholders, in particular community and/or industry groups for whom Data Protection/Privacy policy/programmes impacts are most critical
Policy Implementers	Conduct training on new policies/programmes; and monitors and evaluates the implementation of policies/programmes
Key stakeholders and Community Interest	Foster effective proactive relationships with other stakeholders, in particular community and/or industry groups for whom Data Protection/Privacy policy/programmes impacts are most critical
Other Stakeholders, example: Professional Bodies, Academia, etc.	Foster effective proactive relationships with other stakeholders, in particular community and/or industry groups for whom Data Protection/Privacy policy/programmes impacts are most critical
General Public	Receive and share information on policy/programme initiatives through consultation

 

AUTHORITY 

• Recommends new policies, policy changes, programmes and project development initiatives in Data Protection for Health Information systems.

 

REQUIRED COMPETENCIES

Core

• Oral Communication
• Written Communication
• Customer & Quality Focus
• Teamwork & Cooperation
• Integrity
• Compliance
• Interpersonal Skills
• Change Management

 

Technical

• In-depth knowledge of Data Protection/Privacy legislative arrangements and frameworks;
• Good knowledge of information technology and data management systems;
• Good knowledge of Health Informatics/e-Health;
• In-depth knowledge and expertise in quantitative and qualitative methodologies, reporting, data quality assessments, data analysis and presentation
• Good knowledge of the development, analysis, revision and implementation of policies, programmes, procedures, guidelines, programmes and legislation;
• Strong ability to synthesize multiple ideas and complex information into a coherent summary, as in reports and briefing notes, and to make cogent recommendation for the modification or creation of legislation, policies and programmes;
• Superior verbal and written communication skills, with the ability to deliver presentation with tact, clarity, enthusiasm and accuracy to widely varied audiences;
• A high level of initiative and self-motivation;
• Demonstrated interpersonal and negotiation skills;
• Aptitude for developing and maintaining collaborative relations with team members both within and outside the Ministry, and for functioning effectively on inter-ministerial and multi-sectoral committees and working groups;
• Familiarity with procedures, policies and legislation governing the machinery of government;
• Knowledge of the Government processes, including policy development, financial planning, performance management systems and basic theories, principles and methods of analysis;
• Knowledge of computerized systems and software, with an emphasis on the MS Office suite and projects.

 

MINIMUM REQUIRED EDUCATION AND EXPERIENCE

• Bachelor of Laws;
• Certification in Data Protection and Information Management;
• Seven (7) years’ experience as a practicing attorney with exposure in Data Protection, Privacy and/or ICT Governance.

 

SPECIAL CONDITIONS ASSOCIATED WITH THE JOB 

• Work will be conducted in an office outfitted with standard office equipment and specialized software. The environment is fast paced with on-going interactions with critical stakeholders and meeting tight deadlines, which will result in high degrees of pressure, on occasions. May be required to travel locally and internationally to attend conferences, seminars and meetings.

 

Kindly submit a cover letter and resume along with the names, telephone numbers, and email addresses of two (2) references, one of whom must be a former or current supervisor.

Interested persons are invited to submit their application accompanied by a detailed resume for the aforementioned position, No later than Friday, May 12, 2023, to:

Senior Director, Human Resource Management & Development

Ministry of Health & Wellness

10a Chelsea Avenue

Kingston 10

Email: jobs@moh.gov.jm

                                   

Applicants must include the position for which they are applying in both their cover letter and the subject line of their email.

We thank all applicants for their interest.  Please note, however, that only shortlisted candidates will be contacted.