Manager - Information Privacy Compliance

Get AI-powered advice on this job and more exclusive features. Short Description for Internal Candidates To provide input into divisional POPIA Operational Plans, operational support and continuous monitoring of Information Privacy business compliance to the POPIA Act, across MTN South Africa (SA) and its Legal Entities including but not limited to SuperSonic and MANCO. Apply, Monitor, report and measure all Information Privacy (IP) practices across the landscape.

• Work closely with Information Privacy Champions and Functional Unit Heads to implement and drive Information Privacy initiatives, ensure reporting and mitigate risks
• Continuously improve and implement IP practices
• Implement an effective Data Subject Participation process
• Ensure integration of information security controls and requirements
• Implement an effective Incident & Breach Management process
• Assist with the implementation of Direct Marketing Policy, Guideline and practices across the business
• Maintain an inventory (PI Inventory) of the location of key personal data storage and information flows with defined classes of personal data
• Educate the business on Information Privacy
• Continuous implementation of Information Privacy initiatives : Awareness; Induction; Campaigns, Training, Communication
• Educate the business on all Information Privacy focus areas : Manage Information Privacy business compliance
• Be an Information Privacy subject matter expert to business
• Consult, support business and create report(s) on all Business Compliance Assessments
• Work closely / collaborate with custodial functions to ensure IP compliance and embedment
• Ensure implementation of IP data protection controls
• Manage and monitor gaps
• Maintain an effective Data Subject Participation process
• Maintain an effective PI Incident & Breach Management process
• Assist in management of customer consent preferences (process)
• Consult on all projects to ensure Privacy By Design guidelines are adhered to
• Support the enforcement of Information Privacy governance, structures, policies, standards, procedures, guidelines and processes
• Monitor and report on Information Privacy
• Monitor and create report(s) on Business compliance and IP maturity
• Reporting to appropriate governance / compliance councils and committees
• Monitor, report on and mitigate IP engagement initiatives
• Conduct regular business compliance risk assessments
• Implement, monitor and measure the effectiveness of the Information Privacy practices
• Regular reporting and presentations to the Information Privacy Officer, Information Officer and Deputy Information Officers on privacy business compliance matters
• Achieving compliance to POPIA implemented process on POPIA impact supply chain activities
• Process and Evaluations – All third-party supplier evaluations are completed prior to contracting
• Ensuring compliance of exceptional sourcing process into business areas that are not centrally managed via Procurement
• Ensuring sourcing notifications from CLM are addressed
• Revise and publish customer notice and POPIA Act Manual
• Monitoring incidents and breaches relating to consent preferences ensuring that a managed process exists relating to direct marketing consent and third parties
• Conduct Reviews on RDS'S from a contractual, third party and POPI Act compliance perspective
• Support internal and external stakeholders, e.g., EBU, CBU, Digital and Marketing and meet with third parties to resolve issues
• Draft letters to data subjects, Information Regulator and DMASA on requests, complaints, incidents and breaches
• Ensure reduction of Incident and Breach exposure
• Report on material complaints, DSR, incidents and breaches and ensure containment and remedial exposure mitigated within reasonable time
• Support business imperatives driven by team via Information Compliance Council
• Support Information Privacy Champion initiatives where required
• Enforcement of Information Privacy and associated policies and guidelines, Incident and Breach management standard and guidelines, and Direct Marketing policy and guidelines
• Enforcement of dashboard and reports on Incident & Breach, and Data Subject Participation solution
• Ensure POPIA processes are implemented and working on high POPIA impact supply chain activities for procurement and business areas conducting their own sourcing
• Review and recommend improvements on sourcing and third-party processes and operational matters
• Reviewing of critical projects / contracts
• Continuous support provided to internal and external stakeholders via POPI mailbox
• Ensure reporting is done accurately
• Assist with Breach and incident escalations from business
• Approval of training material, e.g., DSR, incident and breach, etc
• Monitor, review and communicate the regulatory posts and ensure updates from the IR website are monitored and communicated

• Develop and drive the execution of agreed projects
• Drive the implementation, tracking, monitoring and compliance of Projects
• Contract management in line with Procurement Policies
• Ensure effective implementation of the integrated project management model

• Perform Business Analysis MTN SA Business Analysis in line with the methodology and guidelines
• Identify ways to fine tune policies, processes and systems in line with changing work practices
• Determine, document, and review requirements for projects within the scope of the value stream or impacting processes and systems
• Design, Analyse and document workflow and make appropriate recommendations that will positively impact operational effectiveness
• Identify Business Improvement and Optimization opportunities that will result in improvement of process performance
• Ensure that benchmarking is conducted with other companies and organizations within and outside the industry
• Construct business cases for initiations proposed by the business
• Research and consider best practice, local conditions, trends, as well as competitor activity
• Identify and implement innovative ways to use minimum resources to achieve maximum outputs

• Be an effective role model for leadership behaviors, leading by example with a positive make-it-happen attitude
• Support decisions publicly once they have been made
• Build and enforce a customer centric approach
• Build employee relations and collaborative teamwork
• Communicate actively and effectively resolving any potential conflicts that may arise
• Display insight into leadership style and how it impacts on performance positively and negatively
• Have the self-insight and flexibility to adapt to different situations
• Manage boundaries that separate units in order to optimize workflow
• Live the MTN Brand – change and influence employees' behavior

• Minimum of 3 year degree / diploma
• Fluent in basic command of English
• Minimum of 5 years' experience in area of specialization (Information Privacy); with experience in supervising / managing others
• Experience working in a medium to large organization
• Telco & IT experience will be advantageous
• Associate seniority level
• Full-time employment type
• Job function: Legal
• Industries: Telecommunications