Our vacancies

Search Jobs  

BGLA Privacy Officer

Job Introduction

The Privacy Officer is responsible for driving the Company’s Privacy Program throughout the organization. Generally, the role is to provide timely, efficient, results-oriented decision-making and provide professional advice on Privacy issues relating to a broad range of corporate, insurance, and commercial matters with international dimensions to ensure that the legal, regulatory and contractual requirements for the organisation are met. 

The Privacy Officer must be forward looking with a strategic and analytical approach to their work. The role holder should be able to consistently demonstrate creative, objective and lateral thinking when working under pressure.

The role requires subject matter expertise in assuring that BGLA creates and maintains an appropriate and effective framework in place in respect of data privacy and information risk- management and governance.

He/she must be fully committed to meeting the objectives of their own role and for ensuring that these align with Bupa’s overall business ethos, strategy and ambitions.

The job holder must be able to work with staff at all levels, from various areas of the business, as required. Their confidence, experience and interpersonal skills must also enable them to build and maintain strong, credible working relationships with MU and Centre executives, external agencies and project partners. He/ she must be committed to achieving success through consultation, negotiation and resolution.

He/she must be fully capable of using their initiative as the role requires a high degree of autonomy. He/she must be fully prepared to share information and tasks as appropriate, particularly with his/her peers, colleagues and staff.

The job holder is required to take keep abreast of local and global data handling and confidentiality legislation, standards and best practice. The Privacy Officer must build networks and external stakeholder relationships to ensure knowledge is current, communicates requirements and standards in a timely way with internal stakeholders when changes occur and to inform new business initiatives and acquisitions.

Role Responsibility

Addressing Privacy risk in the business operations of BGLA, the jobholder will be required to look at information governance and privacy issues facing BGLA companies, and the impact of data handling on our partnerships in Latin America and the United States. This will include:

  • Working with the businesses to appropriately address compliance with applicable laws, regulatory requirements, Bupa Privacy and Information Security policies and industry practice such as NYMITY, ISO 27001and PCI-DSS.
  • Setting direction on matters related to notice, data handling, data-sharing and cross-border data transmission, in line with the Bupa Privacy Policy and Strategy, as part of an effective first line of defence function within BGLA
  • Responsibility for reporting and assurance to appropriate internal governance groups and meetings within BGLA and MU (as needed)



  • Actively manage relationships with colleagues at all levels to understand BGLA’s compliance with relevant legal, regulatory and Group policies relating to information management.  Acting as BGLA’s subject matter expert with regard to any Privacy initiatives.
  • Represent Bupa Global Latin America on any Group, MU or cross business committees/forums relating to Privacy and Information Governance (as required).
  • Be accountable for facilitating implementation and embedding of the required Privacy program  policies and procedures for BGLA staff, third parties, and temporary staff (including training).


Consultancy & Advice

  • Provide guidance and subject matter expertise to ensure the potential impact of solutions in respect of the Privacy framework are understood at all levels across the business unit.
  • On discovery of any actual or suspected breaches of legislation, regulatory requirements or Bupa policies relating to information risk:
    • To take leadership of the investigation and delegate investigative and remedial action where appropriate, keeping senior management informed; and
    • Ensure that recommendations are produced regarding follow-up actions to prevent any recurrence.
    • Ensure the business takes ownership for and effectively delivers on relevant follow up actions.
  • To act as a subject matter expert and provide specialist advice to the Executive Team and Risk Management Committee, if required, particularly in relation to any breaches of Bupa’s Privacy practices.
  • Play an active role in the communication, development and explanation of Privacy requirements to first-line management and staff.
  • Drafting guidance material on information handling for use by managers and staff.
  • Deliver ongoing training.

The Ideal Candidate

•            At least ten (10) years of experience in Privacy, Information Governance or records management

•            Bachelor’s degree required, Master’s or Juris Doctorate preferred

•            CIPP, CIPM, and/or CIPT certification

•            External accreditation/ certification in Information Risk and/or Information Governance related initiatives

•            Extensive and proven experience in development of policies and procedures within the financial services and or healthcare sector

•            Excellent oral and written communications

•            Excellent organization, time management and initiative

•            An understanding of methodologies and detailed knowledge of information risk analysis / management, governance principles and related legislation (e.g.ISO27001, EU Data Protection legislation, PCI DSS, HIPAA, COBIT etc.)

•            Excellent influencing skills, particularly at Executive Team level. In particular, must have experience of quickly inspiring the confidence of senior executives.

•            Objective, analytical and lateral thinking with the ability to summarise, simplify and communicate complicated technical issues.

•            Experience of managing relationships with either regulatory bodies or law enforcement agencies in connection with investigations.

•            Ability to work across cultures and geographies.

•            Fully bilingual in English and Spanish.



This website is using cookies to improve your browsing experience. If you navigate to another page without changing the settings below you consent to this. Read more about cookies.