Data Protection Officer - KD0917
To support Research Development and Innovation activities and enable RDI staff to concentrate mainly on their core activities, the LIH, in collaboration with the Luxembourg Institute of Socio-Economic Research (LISER), is actively looking for a Data Protection Officer. The holder of the position will join both Research Institutes and is expected to equally share her/his work between both.He/she will mainly be responsible for designing a policy to comply with data protection legislation requirements.
Luxembourg Institute of Health
1A-B, rue Thomas Edison, Strassen 1445, Luxembourg
- Inform and advise the institutes and their staff about the obligations pursuant to applicable data protection legislation;
- Act as the contact point for any internal questions raised on data protection issues;
- Monitor compliance with applicable data protection legislation and with the institutes policies related to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved, and the related audits;
- Maintain a record of data processing activities for both institutes;
- Maintain a registry of all institutes research related databases;
- Provide advice where requested as regards the data protection impact assessment and monitor its performance;
- Identify the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing;
- Cooperate with the Luxembourg Data Protection Authority (CNPD), lawyers and policy makers;
- Act as the contact point (i) for the CNPD on issues relating to processing, including the prior consultation, and consult, where appropriate, with regard to any other matter as well as (ii) for data subjects relating to processing carried out by the institutes;
- Design security action plans, dashboards and indicators enabling LIH/LISER to monitor, maintain and improve the data protection policy;
- Contribute to align organizational and technical measures with the institutes data protection compliance target.
KEY SKILLS, EXPERIENCE AND QUALIFICATIONS
- University degree (Master or higher) in Law, Economics, Business Management, Life or Medical sciences and/or IT (big data). Any certification in the field of data protection such as the IAPP CIPP/E and/or CIPM Certifications is an asset;
- Min. 3-5 years of professional experience in the data protection field (ideally in a Research Environment);
- Very good knowledge of the legal, technical, IT and organizational framework regarding data protection and GDPR regulation;
- Very good analysis and synthesis capacity;
- Strong ability to adapt and work easily with different staff members, at different levels, as well as transversally, in both institutes;
- Fluent in French and English, proficiency in German and/or Luxembourgish is a plus.