Pratham was founded in 1995, to provide pre-school education to children in Mumbai slums. Over the last 25 years, Pratham has grown to be one of the largest non-profit organizations working to provide quality education to children and youth in over 20 states and union territories across the country, through a range of interventions.
Pratham is a widely recognized organization, having received notable awards such as the Lui Che Woo Prize, WISE Prize for Innovation, Skoll Award for Social Entrepreneurship, the Henry R Kravis Prize in Leadership and the CNN-IBN Indian of the Year for Public Service. For more details, refer to www.pratham.org.
Data, Documents and Consent Manager (DDCM)
The Data, Document and Consent Manager(DDCM) will play a pivotal role in ensuring Pratham’s compliance with the provisions of the Digital Personal Data Protection and related data protection regulations in India. The DDCM will be responsible for overseeing all aspects of data storage and protection within the organization, including data storage, processing, privacy policies, security measures, and ensuring that the rights of Data Principals are upheld.
Data Compliance & Oversight:
• Monitor and ensure compliance with the principles and requirements of the Data Protection Bill 2023.
• ensure the accuracy and completeness of data,
• Strengthen security safeguards to prevent a data breach,
• Develop and implement policies, procedures, and processes to ensure data protection and privacy compliance across the organization.
• Oversee the organization's data processing activities, ensuring transparent and secure data collection, storage, and usage.
• Review data processing activities, ensuring they align with the purpose and consent provided by Data Principals.
Privacy Impact Assessments (PIAs) and documentation:
• Conduct and oversee Privacy Impact Assessments to identify potential privacy risks and recommend mitigation strategies.
• Ensure maintenance of accurate records of data processing activities, data flows, and data sharing agreements in accordance with the Data Protection Bill requirements.
Data Storage, Drive, and Device Management:
• Implement and oversee data storage solutions and shared drive management to ensure data is securely stored, organized, and accessible to authorized personnel.
• Ensure adherence to data storage retention policies and data disposal practices.
• Establish and maintain protocols for enterprise device management, including access controls, security configurations, and device lifecycle management.
• Collaborate with IT teams to implement security measures on company devices to safeguard sensitive data.
Data Breach Management:
• Establish and manage a data breach response plan, including notifying Relevant authorities when necessary.
• Investigate and assess the impact of data breaches, recommend corrective actions, and ensure timely reporting to the relevant authorities.
Collaboration and Communication:
• Conduct regular training sessions and workshops for employees, contractors, and stakeholders on data protection principles, policies, and best practices
• Act as the point of contact for all matters related to data protection, both internally and externally.
• Collaborate with cross-functional teams to ensure that data protection considerations are integrated into business processes.
• Evaluate and oversee third-party data processors to ensure they comply with data protection regulations and contractual obligations.
• Facilitate the exercise of Data Subject rights, such as data access, correction, erasure, and the appointment of representatives.
Key competencies and traits:
• Expected experience from 8-12 Years in a similar domain
• Master’s degree in law, information technology, data management, or related field (Advanced degree preferred).
• Certification in data protection or privacy management (e.g., Certified Information Privacy Professional – CIPP) is a plus.
• Document management system knowledge, including box, dropbox, Sharepoint and other cloud solutions.
• Strong knowledge of data privacy principles, practices, and emerging trends. In-depth understanding of the Digital Personal Data Protection Bill 2023 and relevant data protection laws.
• Excellent analytical and problem-solving skills with a strong attention to detail.
• Effective communication and interpersonal skills to liaise with various stakeholders.
• Proven experience in data protection or privacy-related roles.
• Familiarity with IT security and data protection technologies.
Hiring Process & Remuneration:
Please send your resume along with a cover letter, outlining your motivations and suitability for the role, to https://bit.ly/Apply_Pratham_DDM and mention “Data, Document & Consent Manager” in the subject. Once we have done resume shortlisting, we will be sending you an assessment to completion. We will have at least 3 Interview rounds (1 Technical, 1 Team, 1 HR). The final offer will be shared after the compensation discussion. The CTC for this role is in the range of 12-18 LPA and the person will be reporting to the Lead for Digital Transformation. A minimum of three recommendations will be needed as we proceed through the selection process.
The position is based in New Delhi