Key Purpose

• The Senior Information Officer plays a crucial role in ensuring compliance with information-related regulations.
• The Senior Information Officer position enables Vitality to fulfil its mandates related to the Promotion of Access to Information Act (PAIA) and POPIA.
• The Senior Information Officer provides strategic leadership to ensure adherence to the policies pertaining to Information Management, Governance and Security. The role is responsible for providing strategic and tactical support to the business and direct operational management of governance requirements, through the effective delivery of initiatives whilst supporting the organisation’s objectives.

Areas of responsibility may include but not limited to

Assesses

• Documenting current baseline of Privacy Program
• Identifying Privacy Obligations and addressing Risks (CRMP)
• Reviewing and identifying Policies and Procedures in place.
• Conducting Data Privacy Impact Assessments (DPIA)
• Conducting assessment of Processors & 3rd Party Vendors, as well as a physical assessment
• Assessing Mergers; Acquisitions & Divestitures

Responds to:

• Incidents, breaches, Data Subject Access requests (DSARS), as well as Information Regulator requests

Protection of:

• Data Life Cycle
• Information Security Practices
• Privacy by Design
• Integrate Privacy Requirements & representation into functional areas across the organization.

Sustain Practices:

• Measuring effectiveness
• Aligning to relevant policies and procedures
• Continuous Monitoring of internal attestation, access controls
• Auditing
• Communication – Training & Awareness
• Continuous Maintenance and Improvement of the Privacy Program
• Regularly holding and attending Privacy Officer meetings, Information Governance/Incident Review/Group Privacy Forums, or related Group Meetings (on a weekly, bi-weekly and monthly basis)
• Compiling reports pertaining to data information privacy

Personal Attributes and Skills

Competencies:

• Drives Results
• Values Driven
• Optimistic
• Learns on the Fly
• Resilient
• Instils Trust
• People Savvy
• Drives Results
• Problem Solver

Behavioural Attributes:

• Self-starter
• Organisational skills
• Excellent communication skills
• Critical and strategic thinker
• Excellent interpersonal & relationship building skills.
• Ability to work under pressure and manage multiple stakeholders.

Qualifications, Technical Skills & Required Work Experience

Qualification:

• Professional Membership with International Association of Privacy Professionals (IAPP) or equivalent organisation. 

Advantageous:

• IAAPP Membership
• Privacy management certification e.g.
• Certified Information Privacy Management (CIPM) and/or
• Certified Information Privacy Professional (CIPP) and/or

Work Experience:

• Solid knowledge and understanding of Vitality RSA as an organisation in alignment governance component.
• Working knowledge of and experience of Information Privacy, Security and Governance
• In depth knowledge and understanding of Information Technology, Governance and Security

Advantageous:

• Management/leadership experience within large complex corporate environments 
• +5 years of relevant work experience in two or more of the following areas:
• Information Governance
• Privacy Management and Privacy Legislation
• Project Management (following up on tasks/issues/incidents)