+254-41-2312190/1 info@mombasahospital.com
Menu

CAREERS

THE MOMBASA HOSPITAL

The Mombasa Hospital, established in 1891, is one of the leading healthcare institutions in Mombasa County. The Hospital is seeking a qualified Kenyan citizen to fill the following position:-

DATA PROTECTION OFFICER

Overall Responsibility;

To monitor internal compliance, inform and advise on data protection obligations, provide advice regarding Data Protection Impact Assessments (DPIAs) and act as a contact point for data subjects and the Information Commissioner.

Roles & Responsibilities

  1. Contact person within the Hospital for members of staff, regulators, and any relevant public bodies on issues related to data protection
  2. Establishing a Data Protection framework and implementation plan, amend existing internal data protection policies, guidelines and procedures, in consultation with key stakeholders including developing templates for data collection and assisting with data mapping. 
  3. Training of Hospital staff on the impact on their work by the DPA, the handling of sensitive medical data, the exceptions to the DPA in respect of medical records and personal data handled and the effect of the resulting policies and SOP’s. 
  4. Advice the Hospital and employees on data processing requirements provided under the Act or any other written laws. 
  5. Assess and advise on the procedures for identifying and reporting data breaches and unauthorized data access.
  6. Support the Hospital in preparation of privacy statements for each processing operation, and ensuring processes are put in place to ensure that the privacy statement is provided to data subjects on all Hospital forms and/or literature, websites and other communication or data collection mediums.
  7. Work with legal and IT team to ensure full compliance on all data protection laws 
  8. Providing quarterly status updates to senior management on any failure to comply with the applicable data protection rules. 
  9. Carry out an ongoing assessment on the data within our organization to establish our current status in terms of DPA compliance. 
  10. Review of third party contracts to determine compliance with the DPA and identify the data controllers and data processors within and outside the organization and assist with the preparation of required consents and agreements with the provision of templates as required 
  11. Review, amend and develop policies and procedures including data consent forms and agreements for purposes of compliance with the DPA. 

Qualifications & Requirements

  • Bachelor of Science in Computer Science or an equivalent 
  • Certified Information Systems Auditor (CISA) certification/Certified Information Systems Security Professional (CISSP)/ Certified Information Security Manager (CISM) certification 
  • Have carried out at least one Data Protection Impact Assessment exercise
  • Minimum of three years’ experience working in a data protection compliance or a related field 
  • Hospital experience is an added advantage
  • Strong project management skills. 
  • Ability to work well under pressure and manage sensitive and confidential information

All applications enclosed with a detailed CV should be submitted via email: recruit@mombasahospital.com. Only shortlisted candidates will be contacted. Closing date is 28th February 2025.