AVP, Data Privacy

NMC Healthcare is the most trusted and the largest private healthcare company in the UAE for over 40 years. With a dedicated team of doctors and paramedical and support personnel, NMC owns and manage numerous healthcare facilities in the UAE and Oman and treat millions of patients every year. The company has specialized verticals that include Multi-Specialty Care, Maternity and Fertility, Long-Term and Home Care, Medical Centres, Day Surgery Centres, Operations and Management.

We at NMC facilitate a challenging and motivating work environment that enables ample scope for career growth and development. We create a conducive work culture that attracts, retain and help talented and committed individuals grow. We encourage lifelong learning and deliver the best care to our customers and strive towards creating a world-class platform for nurturing the professionals of tomorrow.

Key Accountabilities:

• Data Protection Regulation, UAE Federal Personal Data Protection Law and other relevant data protection laws.
• Act as the point of contact for regulators.
• Provide advice and guidance to management and staff on all aspects of data protection compliance.
• Perform or review data protection risk assessments (Privacy Impact Assessments) on systems and processes to support the business to meet its objectives.
• Set privacy compliance training strategy for Company, plan, develop and implement training for all staff. Implement a comprehensive data privacy communications and awareness strategy for the group.
• Develop policies (internal and external facing) and procedures for the group in relation to all privacy related activities.
• Implement and lead a personal data breach incident response plan. Prepare and process regulatory notifications where required. Lead efforts to ensure high levels of awareness and readiness across the group.
• Manage data subject rights procedures across the group ensuring that regulatory requirements are known and met.
• Monitor developments in local and international privacy trends and laws. Develop mitigation strategies to reduce privacy risk to data subjects and NMC Group.
• Identify NMC’s accountability requirements under relevant privacy laws, develop and implement procedures to ensure that they are met.

Education & Certification:

• University degree. Preferably in Law (but other fields will be considered depending on experience)
• Relevant Data Privacy certification such as CIPP/E or CIPM.

Experience:

• Ten years’ experience in data protection compliance with strong experience in EU GDPR and/or other privacy regimes
• Five years at management level
• Strong experience advising senior leadership
• Coaching and training
• Building data privacy compliance programmes for large organisations.

Knowledge & Skills:

• Significant experience advising large businesses on data privacy their compliance risks.
• Excellent knowledge of UAE and international data protection laws
• Strong leadership and communication skills
• Strong experience leading data privacy compliance projects for a large organization.
• Self-starter and able to motivate others
• Advising on compliance contractual clauses
• Strong judgment.
• High proficiency in written and spoken English
• Able to align the objectives of the company with relevant compliance obligations
• A lateral thinker with a strong ability to analyse a high volume of often disjointed and unfamiliar information, identify problems and possible resolutions.
• Excellent policy drafting skills and ability to break down complex topics to easily understandable language.
• Strong communicator, presenter and collaborator who can simplify complex issues for colleagues
• Highly organized and goal oriented
• Ability to effectively operate in a fast paced, multi-cultural, multi-stakeholder large corporate environment.
• Healthcare industry experience helpful but not essential