Senior - CSG-Data Privacy and Ethics

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. 

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

Key Responsibilities:
1. Data Privacy Compliance: Assist clients in understanding and complying with relevant data privacy laws and regulations, such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional data protection laws.
2. Privacy Program Development: Collaborate with clients to develop and implement comprehensive privacy programs, including privacy policies, consent mechanisms, data subject rights processes, and data breach response plans.
3. Privacy Impact Assessments: Conduct privacy impact assessments (PIAs) to identify and assess privacy risks associated with new projects, technologies, or processes, and provide to recommendations mitigate those risks effectively.
4. Data Mapping and Classification: Work with clients to understand their data landscape, conduct data inventories, and classify data based on its sensitivity and regulatory requirements.
5. Ethical Data Handling: Advise clients on ethical considerations surrounding data collection, usage, storage, and sharing, ensuring that their practices align with ethical and governance standards.
6. Employee Awareness and Training: Develop and deliver privacy and ethics training programs to increase employee awareness and promote a culture of privacy and data ethics within organizations.
7. Privacy by Design: Promote the concept of privacy by design and work with cross-functional teams to embed privacy controls and principles into technologies and processes from the early stages of development.
8. Data Subject Requests: Support clients in managing data subject requests, including requests for access, rectification, erasure, and restriction of processing.
9. Regulatory Compliance: Stay up to date with evolving privacy and data protection regulations and provide guidance to clients on compliance requirements and best practices.
10. Client Relationship Management: Build and maintain strong relationships with clients, serving as a trusted advisor and providing valuable insights and guidance on all privacy and ethics-related matters.