Assist organizations in complying to Data Protection / privacy laws and protection personal information of customers / employees / visitors etc. through legal, compliance, audit and technology help. It is a techno legal profession and requires both legal and technology professionals.
The Data Protection profession involves assisting organizations in protecting the personal data of their customers, employees, visitors, contractors etc. This is through drafting legal documents such as privacy policies, privacy notices, contracts, terms and conditions or through consulting in setting up Privacy governance and program management such as governance structure, roles & responsibilities, privacy strategy etc. or through implementation of privacy enhancing technologies such as encryption, anonymization, pseudonymization or through data discovery exercises to identify uncontrolled data etc.. This is a techno legal profession which requires lawyers as well as technology experts to assist the organization with legal aspects as well as technology aspects. Generally experts from multiple backgrounds are required such as legal professionals, technology professionals, audit professionals and compliance professionals.
Skills required
General understanding about the structure and interpretation of Privacy laws. Knowledge and understanding of Privacy laws across the globe. Knowledge of modern Privacy laws such as General Data Protection Regulation (GDPR), California Consumer Protection Act (CCPA), Personal Data Protection bill (India) etc. are important to be relevant.
Good drafting and communication skills, documentation expertise and presentation skills.
Education background for legal profile - LLB, LLM, Cyber law graduate
Technology skills
Privacy engineer profile - knowledge or technical bent to acquire knowledge of applications, databases, technology architecture, privacy technologies such as encryption / anonymization / differential privacy etc.
Compliance specialist profile - High level understanding of network, applications, databases, technology processes, Information security (ISO27001, NIST CSF, NIST 800-53 etc.) background is an advantage.
Audit / assessment profile - High level understanding of network, applications, databases, technology processes, Information security (ISO27001, NIST CSF, NIST 800-53 etc.) background is an advantage.
Good interviewing skills, communication skills, documentation skills and presentation skills.
Education background for technology profile - BTech / BSc computer science / BCA or other technical graduate with computer science knowledge