A key takeaway from SBI’s call for applications for ‘Data Protection Officer’

State Bank of India, in my knowledge, is one of the first Indian Bankers to announce positions for the “Data Protection Officer”.  

I am considering this as a good  sign that the Bank has recognized the need for an exclusive officer. But with the Personal Data Protection Bill is still in consideration the call for applications for the positions might be driven more by the international demand from their foreign branches which should have received notices from some supervisory authorities of foreign jurisdictions but it could also be a slight of realization that data protection is a necessity of business.

The educational qualification required for the post are as following:

• Graduation or its equivalent
• Preferred Professional Certification:
• Certified EU GDPR Foundation,
• CIPP (Certified Information Privacy Professional),
• CIPT (Certified Information Privacy Technologist),
• CIPM (Certified Information Privacy Manager) etc

Post qualification work experience required is

• Minimum 15 years’ post qualification work experience (as on 01.04.2020) as  executive/ Supervisor in Corporate Sector out of which at least  10 years’ experience should be in BFSI Sector.
• Preferred: Experience in Data Privacy Laws & Regulations and other Data Security areas with associated IT skills.
• The age restriction is 55 years and the appointment is a contractual for 2 years.

The requirement of following special skills have been specified

• High level specialist knowledge in the General Data Privacy Regulation underpinned by theory and experience
• Evidence of continuing professional and/ or personal self- development.
• Expert knowledge of data privacy laws and practices.
• Exposure to Data Privacy laws & regulations such as General Data Protection Regulation “GDPR”), UK Data Protection Act 1998 etc.
• Knowledge of Information life-cycle, risk management & data security areas.
•  Extensive knowledge of Information Governance disciplines.
• Skill of interpretation of national guidance and legislation and subsequent local implementation.
• Flair for managing staff and implementing budgets. Training Delivery.
• Capacity to work with cross functional teams, attention to detail, organizational skills and multitasking.
• Strong management, motivational & leadership skills with ability to drive large change management programs within organizations.
•  Ability to maintain confidentiality and deal with situations in a sensitive manner.
• Ability to communicate across all organizational boundaries in an appropriate manner.

Key Takeaway

The job description and specified qualifications, not at all mention about knowledge of the Indian data protection law either on the basis of the Information Technology Act 2000 or (Amendment) 2008 or on the basis of the proposed Data Protection Bill.

The usage of “etc” at various places may include the knowledge of such laws and may be taken into consideration when candidates are screened.

Overall, such announcement indicates that soon other Banks will also start considering these positions shortly and start opening opportunities for “Data Protection Professionals”.