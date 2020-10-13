DUTIES
- Assist the client to analyse the data collected, processed and stored within each business unit and to make recommendations in order to become compliant with data privacy legislation in South Africa as well as in the broader footprint of the company.
- Present Data Privacy project approach, overview of privacy legislation (including HIPAA, CPA, NCA, PCI, POPI & GDPR) to the stakeholders.
- Identify and agree the roles and responsibilities of business team members.
- Identify data which is potentially impacted by Data Privacy legislation in business processes and systems, manual processes or by 3rd parties through document analysis, interviews, workshops, workflow analysis and auditor reports.
- Classify data held within the application by adopting the company’s classification policy.
- Document the methods and channels used for data collection, impact of data in transit and review existing policies such as data retention, consent, data used on QA environments etc.
- Document software and patch installations for entry points to assess vulnerabilities to lower risk and breaches.
- Identify risks of each application’s data to ensure Data Privacy compliance.
- Identify third party providers and list agreement types such as SLA’s, software systems, support contracts and data transfers.
- A sound understanding of POPI and GDPR legislation.
- Provide weekly feedback on Data Privacy project to BA Management.
ESSENTIAL
- Business Analyst certification
- Extensive knowledge of POPI and GDPR legislation
- Experience in Retail is advantageous