Our client is a government department that provides extensive health services - they are embarking on a program to enhance their data infrastructure, data governance and ways of working/capabilities.

The Data Remediation & Reporting Program is focussed on unlocking the value of data from the recently implemented Digital Health Record (DHR) - while also protecting the privacy and security of personal information.

Role Description:

The Data Privacy / Data Governance Analyst will play a critical role in supporting the organisation’s information governance framework by ensuring the proper handling, classification and protection of Personally Identifiable Information (PII) across multiple data assets.

Responsibilities include:

• Reviewing existing data systems, identifying potential risks, and recommending improvements aligned with the Australian Privacy Principles (APPs) and Australian Cyber Security Centre’s Essential Eight mitigation strategies.
• and monitoring practices.
• Planning and project delivery managemen
• Data Discovery & Classification (working with Data Platforms, Data Products, Data Governance and IT security teams
• Governance & Compliance (Ensure PII is managed in accordance with the Australian Privacy Principles (APPs), support audits and risk assessments) related to data handling and privacy compliance
• Suggest recommendations for Security & Risk Mitigation
• stakeholder Engagement (liaise with IT, Data, Compliance, Cybersecurity and business teams)
• Policy and Process Development: (optional if funding to extend the program is confirmed)

Skills and Experience:

A strong understanding of Australian privacy legislation, data classification tools and governance frameworks is essential.

Essential

• Proven experience in a PII data audit engagement.
• Proven experience in a data governance, data privacy or data risk management role.
• Strong knowledge of the Australian Privacy Principles (APPs) and their practical application.
• Familiarity with the Essential Eight cybersecurity strategies and their relevance to data governance.
• Experience using data discovery, classification or cataloguing tools (e.g. Azure Purview, Alation, Collibra).
• Understanding of data security and privacy best practices, including access control, encryption and data masking.
• Ability to analyse complex data environments and identify security/privacy gaps.
• Experience with stakeholder engagement

Highly Desirable

• Experience with Australian health data.
• Knowledge of data protection impact assessments (DPIAs) and Privacy by Design principles.
• Familiarity with cloud platforms (Azure, MS Fabric) and data governance in cloud environments
• Certifications such as Certified Information Privacy Professional (CIPP/A), Certified Information Security Manager (CISM), Microsoft Certified: Azure Security Engineer Associate

Consultant: Colin Massey

Keywords: Data Privacy Analyst, Data Governance Analyst, Australian health data, PII Audit, Personally Identifiable Information, privacy legislation, Australian Privacy Principles, APPs, governance frameworks, Essential 8, Essential Eight, audit, risk assessment, compliance, CIPP, CISM, cybersecurity, Azure Purview, Alation, Collibra, data protection impact assessments (DPIAs), Azure, MS Fabric, cloud, Privacy by Design