HR Data Privacy Analyst

Responsibilities

• Lead completion of PIAs involving employee data (close alignment with other Group HR CDO team members and HR stakeholders).
• Support development of practical solutions to embed and operate data privacy controls effectively across all areas of HR function, and where feasible, use Group Data solutions or other alternatives available (close alignment with COO, Regions, other key functions).
• Support and leverage Data Privacy Policy, Risks and Controls Taxonomy and wider Operational Risk Framework to drive effectiveness and continuous monitoring and track key risks and issues (close alignment with Head of Risk, Controls Office).
• Provide advice on data privacy queries from different members of the HR function, including additional information and recommendations, where necessary.
• Support key workshops and training sessions to share best practices and knowledge around data privacy.
• Understand solutions proposed by Group Programmes and its implementation in HR; Support delivery of privacy by design across key HR global transformation projects/programmes.
• Support continuous assessment of the adequacy of procedures and the control environment relative to data privacy and governance risk, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, organisation change, the impact of new products, services, technology and/or threats.
• Display positive collaborative behaviour for the management of risk, including notification and escalation of any concerns and ensuring timely action in relation to points raised by SLOD, audit and/or external regulators, where required.
• Effective prioritisation of work and resources to guarantee the function can always provide the organisation with the analysis and management information it needs to meet its business, policy and regulatory obligations.
• Maintain awareness of operational risk and minimise the likelihood of it occurring, including its identification, assessment, mitigation and control, loss identification and reporting in accordance with the HSBC Operational Risk Management Framework.
• Promote an environment that supports diversity and represents HSBC Values.

Observation of Internal Controls (Compliance Policy / FIM requirements)

• The jobholder will adhere to, and be able to demonstrate adherence to, internal controls and will implement the Group compliance policy by adhering to all relevant processes/procedures.
• This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by the timely implementation of internal and external audit points, including issues raised by external regulators.
• The jobholder will implement measures to contain compliance risk across the business area by liaising with Compliance department about business initiatives at the earliest opportunity.
• Also, when applicable, by ensuring adequate resources are in place and training is provided, fostering a compliance culture and optimising relations with regulators.

Role Dimensions and Requirements

• Multiple senior stakeholders across regions and entities.
• Ability to influence key stakeholders within HR function.
• Attention to detail and ability to draw key information from stakeholders to enable appropriate risk assessment.
• Experience of supporting large scale and complex global programmes.
• Risk management knowledge and relevant experience in the area of expertise.
• Ability to communicate effectively, building strong relationships and influencing key internal and external stakeholders.
• Proven track record in delivering on time and to a high level of quality.
• Experience of working with Legal, Regulatory Compliance, Data Office and other Risk Stewards to shape positive outcomes.
• Proven analytical skills, drives excellence, good diplomacy skills, problem solver, able to deliver change through people and maximise people performance.