Data Protection Manager

£60000 - £60000

Data Protection Manager

Milton Park Oxfordshire

Job Reference: --003976

Location: Milton Park Oxfordshire

Closing Date: 14/09/2018

Department: Technology

Division: Academic Publishing

Taylor & Francis Group of Informa produces high quality, peer reviewed books and journals. We produce unique, trusted content by expert authors, spreading knowledge and promoting discovery globally. We aim to broaden thinking and advance understanding, providing academics and professionals with a platform to share ideas and realise their individual potential.

With the General Data Protection Regulation (GDPR), changes in law in China, Singapore and Canada, the importance of data protection will be ever more important. How Informa is able to comply with these regulations will be critical to maintaining our client relations and trust in our brands.

The role will entail working closely with a wide number of internal teams (marketing, sales, product management, compliance) and all other relevant stakeholders to build an understanding in the division of data protection issues and to ensure we are compliant with applicable regulations, primarily GDPR. This role will advise on all areas of data privacy matters and their application to Informa systems, processes, policies and products within the Division following the Group standards. The relevant candidate must have a comprehensive understanding of data protection and be able to impact change quickly and with a limited degree of support from the Group DPO. The successful candidate will need a good eye for detail the ability to multi-task and take a pragmatic approach to compliance in a fast-paced commercial environment.

Key accountabilites:

  • Data Privacy – Roll out GDPR implementation and Canadian anti-spam legislation within the Business Division based on Group recommendations
  • Be the point of contact for any DP queries, from external or internal customers, around data whether this be with SARs, privacy reviews, DPIA’s, recording of processing activities for the Division
  • Working with the Group DPO to develop the privacy function overall from the UK
  • Foster a data protection culture within the organisation and help to implement essential elements of Data protections, such as the principles of data processing, data subjects’ rights, data protection by design and by default, records of processing activities, security of processing, and data breach handling
  • Analyse and advise on all data protection queries from different members of the Business teams, providing information and issue recommendations to the Business teams
  • Run workshops and training sessions to share knowledge around data protection, etc
  • Ensure appropriate processes and systems are in place to be able to respond to individuals when they exercise their rights (e.g. subject access request, object to processing, right to be forgotten etc) within the division, working with Group DPO as necessary
  • Review of Privacy Impact Assessments and providing advice to the business teams
  • Review any legal contracts and advise where necessary on data sharing arrangements and data processing agreements
  • Maintain the record of processing operations as one of the tools enabling compliance monitoring, informing and advising the controller or the processor
  • Active member of data privacy forum, and work on project deliverables and initiatives as required
  • Monitoring the implementation and application of internal data protection policies
  • Work collaboratively with Information Security to ensure appropriate Data Security is in place for any personal data held
  • Keeping abreast of Data Privacy Law changes around the world (e.g. South Africa, China, Russia, Singapore, Canada).
  • Work across functions collaboratively on privacy matters
  • Communication with key stakeholders, reporting on progress

Minimum Education Level:

  • BA/MA
  • Relevant Data Privacy Management experience
  • CIPP-E or similar qualification

Background Knowledge, Skills & Experience:

  • Experience maintaining a privacy compliance programme
  • Expertise in national and European data protection laws and practices and an in-depth understanding of the GDPR
  • Ability to handle information and business affairs with secrecy and confidentially as appropriate
  • Demonstrated leadership and project management experience
  • Ability to communicate effectively with the highest levels of management and decision-making within the organization
  • Familiarity with privacy and security risk assessment and best practices, privacy certifications/seals, and information security standards certifications
  • Sound understanding of and familiarity with information technology and information security practices and audits
  • Adequate self-awareness and confidence to acknowledge knowledge gaps and seek to fill them from reliable sources
  • Knowledge of the business sector and of the employer’s organization
  • Team player with a strong focus on communication and service delivery
  • Pragmatic, business orientated mindset
  • Excellent written and verbal presentation skills
  • Detail oriented
  • Self-starter and able to work in stand-alone position


£ k