Data Protection and Privacy Consultant
The Data Protection and Privacy Consultant (“Consultant”) provides leadership and direct support for the strategy, design, development, implementation, and ongoing management of Medtronic’s Data Protection and Privacy Program activities that address and support European (EMEA) regulatory requirements and best practices.
In collaboration with the Senior Manager, this seasoned professional actively engages with privacy professionals within the team, regional and business unit personnel and leaders to provide privacy expertise and influence to manage operational execution and compliance with EU legal, regulatory and business data protection and privacy requirements.
In alignment with the Global Data Protection and Privacy Program this position focuses on a wide range of business operations activities, practices and standards to meet country and regional European privacy regulatory requirements and international laws.
The Data Protection and Privacy team operates as a high functioning team within a relatively flat team structure. Members of this team are innovative, highly flexible; enthusiastic collaborators; results orientated; independent; actively engaged; and able to influence without direct authority.
In collaboration with data protection and privacy leadership, the broader team, and the business, the Consultant closely aligns with multiple partner stakeholders and the global data protection professionals to design and execute standards and practices for effective data protection across Medtronic. Key responsibilities include:
- By example, to model a culture of ethics and integrity; exercise sound judgment and courage as a trusted advisor to the business and to the team;
- Provide data protection and privacy program and requirements subject matter and point of contact to regional, business, partner functions, and other key stakeholders;
- Conduct and evaluate privacy impact assessment (PIA) activities and provide business consulting for new product development, third party vendor privacy assessments and business consultation requests as required by the PIA standards and procedures. Analyze results to identify trends and patterns that can be used to improve review efficiencies, existing processes, and standards;
- Lead region or business level privacy assessments that results in program enhancement, mitigation and remediation activities;
- Lead or direct the development and implementation of regional or business unit corrective action for privacy incidents or breaches; and provide remediation reporting;
- Collaborate with legal and the business privacy leads to design and implement standards for business response to individual rights requests; such as data subject access requests;
- Collaborate with business resources and leadership and other key stakeholders to implement new legal and regulatory requirements;
- Design, direct and execute data protection and privacy operational compliance monitoring activities in collaboration and coordination with the organization's security, compliance, audit, risk management and other related corporate functions as appropriate;
- Develop and implement business level data protection and privacy policies, standards and procedures and ensure appropriate approvals are secured;
- Deliver subject matter expertise for role- based privacy training;
- Collaborate with the legal team to develop and provide business access to model data protection and privacy documents such as confidentiality notices, consents, authorization forms, contract language, business associate agreements etc.;
- Lead and execute data protection and privacy efforts for the due diligence and integration of acquisitions within the businesses;
- Provide input and detail for budget planning, monitoring, and function metrics;
- Provide subject matter expertise to the US driven core Global Privacy Program;
- Other responsibilities as assigned.
- 10+ years of privacy experience with BS/ BA Degree`
- Master’s or Advanced degree
SPECIALIZED KNOWLEDGE/SKILLS REQUIRED:
- Knowledge of and experience supporting business understanding and compliance with European data protection laws, standards and best practices;
- Experience in supporting and influencing the data privacy, security or equivalent functions for a large, regulated and matrixed organization;
- Strong project/program management experience;
- Well-practiced in leading, presenting to and supporting cross-functional teams;
- Travel 10%.
- IAPP CIPP-E, or similar;
- Experience in the healthcare industry;
- Experience supporting change management projects;
- Experience working with global and/or matrixed IT systems;
- Lean Sigma or Six-Sigma training or experience;
- To have demonstrated:
- experience in building positive relationships work collaboratively with a variety of stakeholders e.g. employees, clients, leadership, authorities and suppliers;
- results orientation (driving to deadlines, financial targets, project goals, etc.);
- ability to work across a matrixed and virtual organization to meet objectives;
- ability to manage multiple priorities simultaneously;
- excellent decision-making skills;
- ability to work with and clearly explain technical information;
- vendor management experience;
- and familiarity with e-Privacy Regulation and GDPR, country laws, ISO and other standards bodies and international standards relevant to the European data privacy environment.
As a global leader in medical technology, services and solutions, Medtronic improves the health and lives of millions of people each year. We believe our deep clinical, therapeutic and economic expertise can help address the complex challenges - such as rising costs, aging populations and the burden of chronic disease - faced by families and healthcare systems today. But no one can do it alone. That’s why we’re committed to partnering in new ways and developing powerful solutions that deliver better patient outcomes.
Founded in 1949 as a medical repair company, we're now among the world's largest medical technology, services and solutions companies, employing more than 85,000 people worldwide, serving physicians, hospitals and patients in over 155 countries. With our European Operations Center for Distribution and Shared Services in Heerlen, the Bakken Research Center in Maastricht, our manufacturing facility in Kerkrade, and the Medtronic Eindhoven Design Center and Dutch sales office in Eindhoven, Medtronic Netherlands has more than 1,500 employees. Whatever your specialty or ambitions, you can make a difference at Medtronic - both in the lives of others and your career. Join us in our commitment to take healthcare Further, Together.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Location: Preferably the Netherlands, Belgium, Spain, Paris or London. Location is negotiable for the right candidate.
Application Submission Information: https://jobs.medtronic.com/jobs/data-protection-and-privacy-consultant-62576