Data Protection Officer

Data Protection Officer

Department:Risk & Compliance

Employment Type:Permanent - Full Time

Location:London

Description

About the role

• To be the primary R&C contact for internal and external stakeholders on data protection (DP) issues across both the regulated and supervised businesses.
• Provide advice to the General Counsel Team on queries relating to data protection issues in supplier contracts, client engagement terms, client questionnaires and other matters.
• To advise senior leadership and staff on data protection obligations, linked to Mourant's data protection policy and be responsible for handling all requests related to data subject rights that Mourant receives.
• Continuously review and update the data protection framework (being all policies, privacy notices, template documents and clauses) to align with evolving regulations and best practices, in consultation with relevant stakeholders.
• As part of DP oversight, monitor and audit data protection policies and procedures with best practice and guidance issued from the relevant regulator, to ensure compliance.

• To maintain and enhance Mourant's data processing protocols including internal cross border data transfer agreements and maintain our DP registrations.
• Conduct regular internal risk assessments) and support internal completion of data protection impact assessments (DPIAs) to identify potential risks related to data processing activities.
• To establish, maintain and regularly update the Record of Processing Activities (RoPA) in accordance with Article 30 of the GDPR, ensuring it accurately reflects Mourant's data processing operations and is available for inspection by supervisory authorities upon request. This includes liaising with all departments to ensure new or changing processing activities are recorded and assessed for compliance with data protection principles.
• Develop and carry out regular compliance monitoring reviews to assess adherence to data protection requirements as set out in Mourant's internal policies, procedures and operational controls, and identify areas for improvement.

• Accountability for editing and releasing induction and refresher online DP training modules for Mourant staff.
• In conjunction with the GC teams and relevant fee earners, develop and deliver ad hoc and supplemental training programs for partners, shareholders and employees to ensure a thorough understanding of DP requirements and data protection best practices.
• Promote a culture of data protection awareness throughout the organisation.

• Develop strong relationships within Mourant and work closely with GC, IT, Project Management, Marketing and HR teams to ensure cohesive and comprehensive data protection measures in both our internal operations and agreements with third parties.
• Act as the primary point of contact for data protection authorities and regulatory bodies.

About you

• Significant experience working in a compliance, legal, risk or operational control function focusing on DP within a law firm or regulated corporate services business is required.
• Experience drafting and delivery of training and Board/senior management presentations is strongly preferred.
• Experience in assessing and developing DP compliance framework commensurate with the size and complexity of a regulated professional services firm is required.
• Knowledge of developing, conducting and reporting on a DP compliance monitoring program is required.
• Prior policy and report writing experience strongly preferred.

• Strong knowledge of DP laws and regulations in the UK (including but not limited to DPA 2018, PECR, UK and EU GDPR), in the Channel Islands and wider EU is required. Knowledge of DP laws and regulations in at least one of Mourant's other operating jurisdictions is beneficial.
• Experience in delivering commercial and operational pragmatism for effective DP risk management.
• Ability to conduct and analyse legal and regulatory horizon scanning is required, and having regard to other relevant jurisdictions and international developments that impact on Mourant's DP position is essential.
• Data driven approach to compliance monitoring and reporting.
• Effective and confident communication skills, both verbally and written to convey to senior leaders a pragmatic risk-based approach, understanding the balance with client service.

#J-18808-Ljbffr