Privacy Specialist

Summary:

The Privacy Officer plays a pivotal role in establishing and sustaining a robust privacy program at Telecel Ghana, ensuring full compliance with local and international data protection regulations, including GDPR, CCPA/CPRA, and telecommunications-specific requirements. As the primary subject matter expert, this individual is responsible for shaping privacy strategy, leading risk assessments, managing data breaches, and fostering a privacy-first culture across all levels of the organization. The role demands close collaboration with legal, IT, product, and regulatory teams, while providing strategic reporting to senior leadership and governing bodies. The Privacy Officer ensures proactive compliance, effective incident response, and continuous improvement of privacy practices in alignment with evolving legal landscapes and industry standards.

Responsibilities:

• Develop, implement, and maintain the company’s privacy policy, program, procedures, guidelines, and controls.
  
• Conduct privacy impact assessments (PIAs) and data protection impact assessments (DPIAs) for new products, services, technologies, and business processes.
  
• Monitor and ensure compliance with data privacy laws and regulations, including updates to GDPR, CCPA/CPRA, and Ghanaian privacy governance frameworks.
  
• Serve as the primary point of contact for internal stakeholders, regulators (e.g., Data Protection Commission, National Communications Authority, Bank of Ghana), and customers on privacy matters.
  
• Manage data subject access requests (DSARs) and other individual rights requests in a timely and compliant manner.
  
• Lead the investigation, notification, mitigation, and reporting of data breaches in accordance with legal requirements.
  
• Develop and maintain the Data Breach Incident Response Plan and coordinate response efforts.
  
• Conduct regular privacy risk assessments and identify opportunities for process improvement.
  
• Maintain comprehensive records of data processing activities to meet legal documentation obligations.
  
• Design and deliver role-specific privacy training programs for employees across all levels.
  
• Create and distribute internal communications to promote awareness of privacy policies and best practices.
  
• Collaborate with IT, Security, Legal, Product, Marketing, and HR teams to embed privacy into systems, processes, and business initiatives.
  
• Engage with industry stakeholders, including Mobile Network Operators (MNOs), the Telecommunications Chamber, the Chamber of Electronic Money Issuers, and legal experts on sector-wide privacy issues.
  
• Provide regular reports and updates to senior management and the board on the status and performance of the privacy program.
  
• Supervise internal investigations into privacy-related issues and ensure resolution in line with compliance standards.
  

Requirements

Requirements:

• Bachelor’s degree in Law, Business, Information Technology, or a related field; Master’s degree preferred.
  
• Minimum of six (6) years of experience in privacy, compliance, or legal roles, with significant experience in the telecommunications or another highly regulated industry.
  
• Proven track record of delivering on agreed KPIs within privacy or compliance functions.
  
• Professional certification such as CIPM, CIPP/E, CIPP/US, or equivalent is highly preferred.
  
• In-depth knowledge of global and regional data privacy laws, including GDPR, CCPA/CPRA, and Ghanaian data protection regulations.
  
• Strong understanding of data security principles and technologies.
  
• Excellent analytical, problem-solving, and communication skills.
  
• Ability to work independently and collaboratively across cross-functional teams.
  
• High level of integrity, professionalism, and ethical standards.
  
• Experience with privacy management software is a plus.