Title: Business Process Lead
Bangalore, KA, IN
Job Description
Must Have
You will be responsible for:
• Develop and maintain the organization's privacy policies, procedures, and practices in alignment with applicable privacy laws and regulations and ISO/IEC 27701:2019 framework.
• Monitor changes in privacy laws and regulations and ensure the organization's practices remain compliant.
• Conduct regular privacy audits and assessments to monitor privacy compliance levels.
• Update and communicate privacy policies and procedures across the organization.
• Ensure compliance with privacy regulatory requirements such as GDPR, CCPA, HIPAA, and HITRUST.
• Conduct regular privacy impact assessments and risk assessments to identify and address potential privacy risks.
• Collaborate with legal, IT, and other relevant departments to ensure data protection measures are integrated into systems, processes, and products.
• Design and deliver privacy training programs for employees, ensuring understanding of privacy requirements and best practices.
• Promote a culture of privacy awareness and data protection throughout the organization.
• Serve as the main point of contact for data subjects' inquiries, complaints, and requests related to privacy.
• Liaise with external partners, such as legal counsel and regulatory bodies, to address privacy-related matters.
• Conduct DPIAs for new projects and initiatives involving the processing of personal data.
• Analyze potential privacy risks and recommend mitigation strategies.
• Maintain records of data processing activities, ensuring transparency and accountability.
• Evaluate and assess the privacy practices of vendors and third-party partners.
• Review contractual agreements and ensure agreements reflect the organization's privacy requirements.
• Work closely with product and development teams to embed privacy considerations into the design of products and services.
• Prepare and present privacy reports, and provide metrics and insights on privacy compliance and risks.
About you:
Any Bachelor's degree, preferably in Law, Information Security, or a related field.
Certifications such as ISO/IEC 27701:2019 Lead Auditor / Certified Privacy and EU GDPR Practitioner (CPEGP) / Certified Information Privacy Manager (CIPM).
7-10 years of experience in the privacy domain.
Proficient in privacy regulation, privacy risk assessment/audit, audit reporting, internal controls, business processes, and operational auditing.
Demonstrated knowledge of key risk areas such as privacy risk, information security risk, cyber risk, compliance risk, and regulatory risk.
In-depth knowledge of global privacy laws and standards, including GDPR, CCPA, and HIPAA.
Strong communication and interpersonal skills to effectively engage with stakeholders at all levels.
Analytical mindset with the ability to identify and address privacy risks.
Demonstrated experience in leading privacy initiatives and managing compliance efforts.
Good to have
Must have: Experience in the following:
Privacy Strategy and Compliance: Develop and implement the organization's privacy strategy, ensuring alignment with relevant laws and regulations. Conduct regular audits and assessments to monitor privacy compliance levels.
Privacy Policies and Procedures: Develop, update, and communicate privacy policies and procedures across the organization. Collaborate with legal, IT, and other teams to ensure privacy measures are integrated into various processes and systems.
Training and Awareness: Design and deliver privacy training programs for employees, ensuring understanding of privacy requirements and best practices. Promote a culture of privacy awareness and data protection throughout the organization.
Data Protection Impact Assessments (DPIAs): Conduct DPIAs for new projects and initiatives involving the processing of personal data. Analyze potential privacy risks and recommend mitigation strategies.
Vendor and Third-Party Management: Evaluate and assess the privacy practices of vendors and third-party partners. Review contractual agreements and ensure agreements reflect the organization's privacy requirements.
Data Subject Requests: Manage data subject requests, including access, rectification, and erasure requests, ensuring timely responses in line with regulations.
Privacy by Design: Work closely with product and development teams to embed privacy considerations into the design of products and services.
Stakeholder Engagement: Collaborate with legal, compliance, IT, and other departments to implement and monitor privacy initiatives. Liaise with regulatory bodies and legal counsel as needed.
Privacy Reporting: Prepare and present privacy reports. Provide metrics and insights on privacy compliance and risks.
Nice to have: Certifications such as ISO/IEC 27701:2019 Lead Auditor / Certified Privacy and EU GDPR Practitioner (CPEGP) / Certified Information Privacy Manager (CIPM).