Data Privacy Officer

Job Description – Data Privacy Officer Role Objective:-The Data Privacy Officer (DPO) ensures compliance with applicable data protection laws and regulations, while acting as a trusted advisor to business stakeholders on all matters related to data privacy and protection. The role is responsible for establishing governance, policies, and processes to mitigate privacy risks, support compliance, and foster a culture of data protection across the organization. Key Responsibilities:-Design, implement, and monitor an effective Data Privacy governance and control framework to ensure compliance with applicable laws (GDPR, Indian DPDP Act, HIPAA, etc.). Conduct and support activities such as processing activity evaluation, privacy impact assessments, incident management, and handling of data subject requests (DSR/DSARs). Draft, implement, and oversee data privacy programs, policies, and procedures in consultation with stakeholders. Provide expert guidance to management, businesses, and functions on all data privacy and protection matters. Impart data privacy trainings and provide functional guidance to Data Privacy Ambassadors across the organization. Review, draft, and negotiate Data Processing Agreements (DPAs), vendor contracts, customer contracts, and employment agreements from a data privacy perspective. Act as the single point of contact for internal teams and external authorities (e.g., Data Protection Authority, industry bodies) on data privacy issues. Promote a strong culture of data protection and compliance across Siemens Healthineers Zone India and group companies. Keep the Global Head of Data Privacy informed on all material data privacy topics in Zone India. Work collaboratively with global and local stakeholders, including data privacy specialists, IT & cybersecurity teams, legal teams, and business units. Coordinate and conduct data privacy audits and report findings with corrective action plans. Key Attributes & Competencies Strong expertise in data privacy & protection regulations from both legal and technical perspectives. Solid understanding of privacy frameworks and compliance mechanisms. Proven ability to exercise judgment on complex data privacy issues. Strong collaboration and stakeholder management skills, with ability to handle multiple priorities under pressure. Excellent verbal and written communication skills with high attention to detail. Ability to foster awareness and cultural alignment around data privacy within the organization. Qualifications & Experience Law degree from a reputed Indian or international institution (mandatory). Preference for additional certifications/qualifications in Data Privacy, Data Protection, or Information Technology (e.g., CIPP/E, CIPT, CIPM, DCPP). 8–12 years of post-qualification experience in a law firm or in-house data privacy/compliance function. Experience in industries such as MedTech, IT, ITES, E-Commerce, or other sectors processing large volumes of personal data. Demonstrated experience in independently handling data privacy matters in a large organization.