Compliance/GDPR Project Manager (End Customer) (m/f)

Publiée le 26/04/2021 par emagine Consulting SARL

Lieu : Barcelona/Madrid
Durée : 6 months+
Tarif : Tarif non renseigné
Télétravail : Non
Début : 10/05/2021

Description de la mission :

For our client in the Insurance/Banking sector, we are looking for a Project Manager especialized on Compliance and GDPR :

Start : ASAP

Place : BARCELONA or PARIS (depending your location)

Duration : 6 months - 1 an

Contract : Freelance or Permanent ( The client is open for both contracts)

Context of the job :

July 16, 2020 : the Court of Justice of the European Union released a decision « Schrems II » which : 1/ Invalidated the transfers of personal data from EU to US based on the Privacy Schield and 2/ Asked companies having data flows out of the EU to implement supplementary measures ( technical, security, etc) and tools to ensure the protection of data is reinforced in jurisdictions which do not provide a level of protection as strict as in EU.

October 13 2020: the French Council of State acknowledges the existence of a risk of data transfer where health data is hosted by a company ( in this case Microsoft) having its parent company in US and data may as such be accessed by US authorities even when hosted in EU.

Based on these decisions : CNIL (i) requested to the Council of State a transition period to either change MSFT for a EU provider or set up additional safeguards and recommended EU companies using US IT providers to do the same and (ii) asked French companies to take appropriate actions to be compliant with Schrems II decision.

Current situation within the Group :

Schrems II impacts are closely followed by the Group

This decision impacts several functions within the organization to ensure that all impacts from a customer perspective are well evaluated ( IT architecture, criteria of selection of our providers, stronger security measures, contracts review, data flows inventory etc),

Objective : To have a better visibility on data flows out of EU ( leverage on GDPR works), track the gaps if any in security measures, build/adapt the current IT strategy.

Be compliant with CNIL recommendations and anticipate any potential similar position from other EU DP authorities.

Tasks :

Setup the appropriate project governance with IT and business representatives (including escalation process)


Voir plus | Connectez-vous / inscrivez-vous

Postuler à cette mission :
Si vous cherchez un CDI ou CDD, le jobboard Carriere-info est plus adapté.