Job Title: Legal Counsel Director-Data Privacy
Level: 5 – Associate Director
The Compliance & Ethics Counsel Associate Director will lead a team of resources (the Data Privacy Centre of Excellence) within the Data Privacy team and will be jointly responsible (respective to Privacy/Legal) (with Information Security (IS) and Geographic Services (GS)) for the governance and oversight of the network of Geographic Unit (GU) Privacy & Security Leads within GS. The Compliance & Ethics Counsel Associate Director will work closely with IS and GS leadership and report to the Global Director of Data Privacy.
The Compliance & Ethics Counsel Associate Director will also act as Accenture’s Data Protection Officer (DPO) under the GDPR and other laws where required (this title and role shall be held for an initial appointment period and may be rotated within the broader Data Privacy team or other function after such time, and/or at any point in the future). As such, the Compliance & Ethics Counsel Associate Director will, in accordance with defined responsibilities and processes, and as part of the Data Privacy team, advise on and monitor data privacy (DP) compliance, advise on Data Protection Impact Assessments, provide input to security incidents handling and cooperate with and act as the point of contact for regulators.
If the title of DPO is no longer held the director will continue to report to the Global Director of Data Privacy and work closely with any newly appointed Data Protection Officer.
Expertise and Professional qualities:
Advise on and manage DP programs and activities
- Be appointed for an initial period as Accenture’s Data Protection Officer
- Take responsibility and be accountable for specified DP activities, functions and processes; manage performance of defined elements of other DP activities and processes (for example, privacy reviews, Data Protection Impact Assessments and recording of processing activities).
- Direct the activities of the GU Privacy & Security Leads, including understanding how to support client facing and internal teams on where to obtain advice on DP activities such.as contract negotiations, new offerings, internal projects, client contracts, M&A activity, individual complaints and requests for exercise of individual rights and on IS activities
- Participate in the management of data security incidents in accordance with Accenture processes, in alignment with other relevant stakeholders (for example as advised or requested by Accenture’s Computer Incident Response Team (CIRT)).
- Actively establish and maintain required processes for the Data Privacy Center of Excellence.
- Play an active role in driving DP risk management and improvement
- Work with stakeholders (e.g. IS, account teams, other corporate functions) on DP law, compliance and risks as required (for example by providing input on any changes to scope in controls or processes required as a result of new local laws).
- Manage the handling of individual rights requests.
- Implement essential elements of the GDPR by inputting into policies, plans and processes.
- Provide DP support for global information systems.
- Recognize and appropriately deal with conflicts of interest and other concerns.
Be involved in DP regulatory and auditory requirements
- Monitor compliance by reviewing information provided by central audit and monitoring teams (for example Internal Audit and Security Assessments team); assist GU Privacy & Security Leads in interpreting such information.
- Manage and be accountable for response to requests from regulators – information, inspection, audit – and any enforcement action.
- Provide direction and assistance to GU Privacy & Security Leads in ensuring that local filings/notifications of systems and data processing are maintained and any required authorizations obtained.
Manage training and awareness
- Define needs, strategy, and execution for global and local DP training and awareness programs, including building, developing and delivering such programs.
- Work with the GU Privacy & Security Leads to actively shape and promote local engagement (including with senior leadership) on DP topics, for example by delivering training and awareness programs based on globally packaged materials.
- Actively foster and promote a DP culture within the organization.
- Be able to speak knowledgably on DP to client facing and internal teams and direct their queries appropriately and be able to speak at external conferenced and events.
- Proactively keep up to date with DP topics such as regulatory guidance and enforcement action, activities of relevant industry and standards associations etc.
Report on Accenture’s global DP programs
- In coordination with the IS team, take responsibility for the Data Privacy team’s reporting on (and facilitate reporting on by GU Privacy & Security Leads) agreed DP topics to leadership, local boards, and regulators as required.
- Proactively raise trends, potential threats, concerns or other information within Legal, IS, GS and other stakeholders as appropriate.
Management, oversight and governance
- Responsible for number of DP legal resources and for governance and oversight of the GU Privacy & Security Leads, input into recruitment and performance management.
- Handling escalations and conflicts from GU Privacy & Security Leads and others.
- Developing training plan for GU Privacy & Security Leads and delivering training when required.