Director - Data Privacy & Governance
Indegene
Job Description
Role Overview
We are seeking a Director / Senior Manager - Data Privacy & Governance to support and drive the organization's global privacy operations and data governance framework.
This is a hands-on execution role, responsible for implementing privacy processes, ensuring regulatory compliance, and embedding data governance practices across business functions. The role will work closely with Legal, Technology, and Business teams to operationalize privacy requirements across jurisdictions.
Key Responsibilities1. Privacy Operations ManagementManage and execute core privacy processes:Data Subject Rights (DSAR) requestsData Protection Impact Assessments (DPIA)Records of Processing Activities (RoPA)Ensure timely and compliant closure of all privacy workflowsMaintain documentation and audit trails
- Regulatory ComplianceSupport compliance with:GDPRDigital Personal Data Protection Act, 2023HIPAA (as applicable)Assist in implementation of policies, procedures, and controlsMonitor regulatory updates and support internal alignment
- Data Governance ImplementationSupport rollout of frameworks for:Data classificationData retention and deletionData minimizationAssist in maintaining enterprise data inventory and mappingCoordinate with technology teams for implementation
- Healthcare Data Privacy SupportSupport compliant handling of:Patient data / PHIClinical and research datasetsAssist in anonymization and pseudonymization initiativesEnsure adherence to healthcare-specific requirements
- Third-Party Privacy ManagementReview and support execution of:Data Processing Agreements (DPAs)Conduct privacy assessments for vendors and partnersTrack third-party compliance obligations
- Incident & Breach SupportSupport investigation and response to personal data breachesAssist in regulatory notification and documentationCoordinate with Information Security teams
- Stakeholder CoordinationWork with:LegalProduct / EngineeringBusiness teamsProvide practical guidance on privacy requirementsSupport privacy-by-design implementation
- Training & AwarenessSupport development and delivery of privacy training programsPromote awareness of responsible data handling practices
- Emerging Areas & Responsible Data UseSupport initiatives related to responsible data useAssist in review of high-risk data processing activitiesContribute to evolving governance practices
Role BoundariesIn ScopePrivacy operations (DSAR, DPIA, RoPA)Regulatory compliance executionData governance implementationOut of ScopeInformation Security / Cybersecurity operationsIT systems or infrastructure ownershipAI model development
Candidate ProfileExperience9-12 years of experience in:Data privacy / data protectionCompliance / risk / legal operationsHands-on experience in privacy operations is mandatory
Core ExpertiseWorking knowledge of:GDPRDigital Personal Data Protection Act, 2023Exposure to:HIPAA (preferred)Practical experience with:DPIA, DSAR, RoPAData lifecycle management
Preferred BackgroundIT services / consulting / BFSI / healthcareExperience in multinational or regulated environments
Certifications (Preferred)CIPP/E or CIPP/USCIPMDPO certification (good to have)
Key SkillsStrong execution and attention to detailAbility to translate policies into processesStakeholder coordination across functionsProblem-solving and pragmatic approach
Success MetricsHere is a simplified, clean, and non-duplicative version of Success Metrics - easy to track and use for performance:DSARs and DPIAs completed within defined timelines RoPA maintained with high accuracy and coverage Data classification and retention frameworks implemented Audit readiness maintained with no major findings Privacy incidents reduced and managed effectively Breach responses and notifications completed on time Privacy-by-design applied to all new projects Strong adoption of privacy practices across teams Organization-wide privacy training completed Key vendors covered under DPAs and privacy assessments
Career PathThis role provides a pathway to:Head - Privacy & Data GovernanceData Protection Officer (DPO)Regional Privacy Lead
SummaryThis role is designed for a strong privacy operator who can:Execute privacy processes at scaleSupport global regulatory complianceDrive implementation of data governance frameworksWork cross-functionally to embed privacy into business operations