- Designing, implementing and operationalising the following initiatives on personal data protection:
o data protection policies, standards and processes
o privacy training and awareness to employees
o risk management initiatives
o privacy compliance assessments, and
o oversight and monitoring
- Enforcing the data protection compliance and fulfillment of Digi's obligation as a Data User, set forth by the Malaysian Personal Data Protection Act 2010 (PDPA) and Digi's data protection policies.
- Monitoring the legal requirements, Authority's guidelines, court case laws and good practices on data protection and implementing it into the company's practice and policies.
- Work with the cross-functional team to manage projects on a timely manner. Key parties you would work with would include but not limited to Privacy Ambassadors and IM representatives, as well as stakeholders from Information Security, Technology, Marketing, and Human Resource.
- Perform data protection impact assessment on business partners and business/IT transactions.
- Conduct monitoring of performance and compliance with data processing obligations pursuant to local law and company policy.
- Provide continuous advise to business and management on matters relating to PDPA and privacy requirements.
- Reviewing and drafting data protection related internal policies, privacy notice, and contracting clauses from a data protection perspective.
- Develops and executes privacy communication campaigns to employees.
- Information Management (IM) portfolio: (1) Participate in the Group IM forum, (2) Develop policies, standards and processes in IM, (3) Implement and ensure compliance with IM policy, (4) Design and implement activities to ensure IM best practice, (5) Conduct monitoring and compliance assessments, and (6) Develop and execute IM communication campaigns to employees.