State bank of India became one of the first Bankers to call for applications for the appointment of a “Data Protection Officer”. It has recently released an advertisement calling for applications.
It is good to know that the Bank has recognized the need for an exclusive officer. But it is clear that this is driven more from the international demand from their branches out of India who should have received notices from some supervisory authorities rather than a realization that data protection is a necessity of business.
The educational qualification indicated is
Basic: Graduation or its equivalent
Preferred Professional Certification:
Certified EU GDPR Foundation,
CIPP (Certified Information Privacy Professional),
CIPT (Certified Information Privacy Technologist),
CIPM (Certified Information Privacy Manager) etc
Post qualification work experience required is
Basic: Minimum 15 years’ post qualification work experience (as on 01.04.2020) as executive/ Supervisor in Corporate Sector out of which at least 10 years’ experience should be in BFSI Sector.
Preferred: Experience in Data Privacy Laws & Regulations and other Data Security areas with associated IT skills.
The age restriction is 55 years and the appointment is a contractual for 2 years.
The special skills required have been indicated as follows:
• Highly developed specialist knowledge in the General Data Privacy Regulation underpinned by theory and experience.
• Evidence of continuing professional and/ or personal self- development.
• Expert knowledge of data privacy laws and practices.
• Exposure to Data Privacy laws & regulations such as General Data Protection Regulation “GDPR”), UK Data Protection Act 1998 etc.
• Knowledge of Information lifecycle, risk management & data security areas.
• Extensive knowledge of Information Governance disciplines.
• Skill of interpretation of national guidance and legislation and subsequent local implementation.
• Flair for managing staff and implementing budgets. Training Delivery.
• Capacity to work with cross functional teams, attention to detail, organizational skills and multitasking.
• Strong management, motivational & leadership skills with ability to drive large change management programs within organizations.
• Ability to maintain confidentiality and deal with situations in a sensitive manner.
• Ability to communicate across all organizational boundaries in an appropriate manner.
In the above job description and indicated qualification, there is no mention of the Indian law for data protection either on the basis of the Information Technology Act 2000/8 or the proposed Data Protection Act.
However, we can presume that “etc” at various places includes the knowledge of Indian regulations and it will be taken into account when candidates are screened.
This is an indication that other Banks will also start thinking of such positions shortly and the career opportunities for “Data Protection Professionals” will start opening up.
Interested persons can visit this link and get more details.