Salary Scale: Min: $5,597,715.00 – Max: $7,528,305.00 per annum)
JOB PURPOSE
Under the general leadership and direction of the Principal Director – Health Informatics, the Data Protection Analyst will be responsible for the development of Data Protection/Privacy policies, procedures, controls, and guidance which ensures MOHW’s compliance with relevant Data Protection regulations where applicable and globally accepted standards for Health Informatics. The Analyst ensures that appropriate protocols are in place and that all areas across MOHW are always adhering to them. Additionally, the post provides legislative advice on all matters relating to the General Data Protection and privacy area.
KEY OUTPUTS
- Research, development and implementation of Data Protection and privacy policies and procedures for Health Informatics managed
- Data Protection/Privacy Governance Frameworks and strategies to managed
- Legislative advice on all matters relating to the Data Protection and privacy provided
- Robust and comprehensive Data Quality and Protection controls managed
- Data Protection training provided
- Technical advice/information provided
- Reports, Cabinet Submissions/Notes, technical papers, and publications prepared and issued
- Stakeholder Relationships established and maintained
- Annual/Quarterly/Monthly performance Reports prepared
- Individual work plans developed
KEY RESPONSIBILITIES AREAS
Technical/Professional Responsibilities
- Provides overall management for the research, development and implementation of Data Protection and privacy policies and procedures in support of Health Informatics/e-Health;
- Manages and owns any changes to policies and working practices relevant to the Data Protection and privacy area;
- Identifies and addresses areas where the MOHW needs to review strategy, policy or procedure, or increase colleague awareness and training in Data Protection and Privacy;
- Researches, designs and implements Data Protection/Privacy Governance Frameworks and strategies to manage the use of health informatics and e-health data in compliance with the requisite standards and guidelines;
- Provides legislative advice on all matters relating to the general Data Protection and privacy impact assessments issues by ensuring MOHW compliance with applicable legal framework and policy guidelines;
- Designs, implements and monitors robust and comprehensive Data Quality and Protection controls across the MOHW that supports the Information Systems for Health functions;
- Devises, updates and reports on data and information management controls, issues, breaches and major incidents to pertaining to health informatics/e-health;
- Maintains appropriate records to enable MOHW to liaise effectively and legally with the relevant supervisory authorities where applicable;
- Provides expert advice, guidance and information to the MOHW and those partner agencies/departments/RHAs processing health data regarding their legal obligations as required;
- Develops and manages data protection compliance frameworks by ensuring compliance checking activities are undertaken and compliance checking schedules are in place;
- Develops and implements protocols and frameworks for coordinating and conducting data privacy audits;
- Conducts regular reviews of the MOHW’s data processing operations and the accessibility of personal data pertaining to Health Informatics/e-Health;
- Manages systems that ensures appropriate assignment of responsibilities in relation to the management of data and information and the processing and protection of personal data;
- Applies a systematic approach to decision making and problem solving by calculating and identifying risks involved in various aspects of the functional area;
PERFORMANCE STANDARDS
- Research, development and implementation of Data Protection and privacy policies and procedures for Health Informatics managed through the application of evidence-based method, agreed guidelines and timeframes;
- Data Protection/Privacy Governance Frameworks and strategies to managed according to established principles, guidelines and timeframes;
- Legislative advice on all matters relating to the Data Protection and privacy provided are grounded in legal research and delivered in a timely manner;
- Robust and comprehensive Data Quality and Protection controls managed according to established principles, guidelines and timeframes;
- Data Protection training provided according to established principles, guidelines and timeframes;
- Technical advice and recommendations provided are sound and supported by qualitative/quantitative data;
- Cabinet Submissions, policy/programmes recommendations and briefs or position papers on technical matters are appropriately prepared and submitted within the required timeframes;
- Reports are comprehensive, accurate and submitted within the required timeframes;
- Stakeholder Relationships established and maintained in a harmonious and productive manner;
- Annual/Quarterly/Monthly performance reports are prepared in accordance with agreed format, are accurate and submitted on time;
- Individual Work Plans developed in conformity to established standards and within agreed timeframes;
- Confidentiality, integrity and professionalism displayed in the delivery of duties and interaction with staff.
MINIMUM REQUIRED EDUCATION AND EXPERIENCE
- Bachelor of Laws;
- Certification in Data Protection and Information Management;
- Seven (7) years’ experience as a practicing attorney with exposure to Data Protection, Privacy and/or ICT Governance.
Kindly submit a cover letter and resume along with the names, telephone numbers, and email addresses of two (2) references, one of whom must be a former or current supervisor.