Regulatory Compliance
• Monitor changes in legislation and advise leadership on necessary updates.
• Ensure full compliance with GDPR, Vietnamese data protection regulations, and NAE policies.
Policy Development & Documentation
• Develop, implement, and maintain data protection policies, procedures, and privacy notices.
• Maintain accurate records of processing activities and ensure compliance with data retention requirements.
Risk Management & Auditing
• Conduct regular audits and risk assessments to identify vulnerabilities in data handling across all departments (Admissions, HR, Finance, Academic).
• Recommend corrective actions and oversee implementation.
Training & Awareness
• Promote awareness of privacy obligations across all departments.
• Provide training sessions and ongoing guidance to staff on data protection best practices.
Stakeholder Engagement
• Act as the primary point of contact for data subjects, regulatory authorities, and internal stakeholders.
• Respond to inquiries and manage requests related to personal data rights.
Incident Management
• Lead the response to data breach incidents, including investigation, documentation, and reporting.
• Coordinate with relevant teams to implement remedial measures.
Advisory Role
• Provide expert advice on data protection implications for new projects, contracts, and technology solutions.
• Ensure privacy considerations are integrated into organizational planning and decision- making.
Collaboration with IT
• Partner with IT teams to design and implement technical and organizational measures for data security.
• Support the adoption of secure systems and tools.
Reporting
• Prepare and submit compliance reports to senior leadership and NAE.
• Highlight key risks, audit findings, and recommendations for improvement.
Other
• Provide timely and practical legal counsel across the business issues (HR, IP, Commercial, Regulatory, etc.) when requested.
Safeguarding & Personal Development
• Child Protection: Work closely with the Designated Safeguarding Lead (DSL) to ensure the highly sensitive data involved in child protection cases is handled with maximum confidentiality and security.
• Continuous Learning: Maintain professional expertise by staying current with evolving privacy laws in Vietnam and international best practices (GDPR).
Any other task required by the line managers
Working hour: from Monday to Friday, from 8:00 to 5:00
