Data Protection & Privacy Consultant, Medtronic, Heerlen, the Netherlands, flexible

Careers that Change Lives

In the daily role as a Data Protection & Privacy consultant you will provide leadership and direct support for the strategy, design, development, implementation and ongoing management of Medtronic’s EMEA Data Protection & Privacy Program activities that address and support regional EMEA regulatory requirements & practices.

In alignment with the Global and EMEA Data Protection and Privacy Program policies, standards and requirements, this position focuses on a wide range of operations activities, practices and standards to meet EMEA privacy regulatory requirements such as GDPR, as well as country specific laws throughout the region, ISO and other standards bodies and international standards.

The Data and Privacy COE operates as a high functioning team within a relatively flat team structure.  Members of this team are innovative, highly flexible; enthusiastic collaborators; results orientated; independent; actively engaged; and able to influence without direct authority.

A Day in the Life

In collaboration with data protection and privacy leadership, the broader Data & Privacy CoE team (Team), and the Operational Units, you’ll closely align with multiple partner stakeholders and global data protection professionals to design and execute standards and practices for effective data protection across Medtronic.

Key responsibilities include:

  • Lead by example to model a culture of ethics and integrity; exercise sound judgment and courage as a trusted advisor to the Operating Units and to the Team;
  • Provide data protection and privacy subject matter expertise as key resource for the EMEA privacy program, regional business partners and other key stakeholders;
  • Conduct and evaluate privacy impact assessment (PIA) activities and/or business consulting for new product and service development, material changes to existing products and services and business consultation requests, as required by the PIA standard and procedures;
  • Support analysis of results of assessments to identify trends and patterns that can be used to improve review efficiencies, existing processes, and standards;
  • Design and execute region or business level privacy assessments that results in program enhancement, mitigation and remediation activities as appropriate;
  • Collaborate with key stakeholders, including regional Operating Unit leadership, to support incident response management, root cause analysis and remediation for privacy incident or breaches and regulator/ government privacy issue inquiries and requests as necessary;
  • provide routine remediation status reporting for management and governance oversight as appropriate;
  • Collaborate with business resources and key stakeholders on implementation of new legal and regulatory requirements relating to data protection and privacy impacting the Medtronic legal entities in EMEA;
  • Provide communication and guidance to regional and business leads personnel for implementation of identified requirements;
  • Execute effectiveness testing for high risk implementation activities as appropriate;
  • Collaborate with key stakeholders to develop, obtain required approval and implementation of global, regional or business level data protection and privacy policies, standards and procedures;
  • Support data protection and privacy operational compliance monitoring and auditing activities at regional level (EMEA);
  • Ensure local record keeping and reporting in accordance with global standards and regional/local requirement;
  • Coordinate and design a data protection and privacy training and awareness program in the region in alignment with the broader data protection and privacy training and awareness program as well as ensure standards and processes to monitor individual completion of mandatory training;
  • As appropriate, develop and support standards and processes for Operating Unit access to model data protection and privacy documents such as confidentiality notices, consents, authorization forms, contract language, and other related required documents;
  • In collaboration with key stakeholders, define implementation of standards and processes for Operating Unit responses to individual rights requests, such as data access requests, accounting of disclosures, the right to inspect and copy, restrictions on disclosures, opt-in or opt-out requirements and other related individual rights;
  • Support Privacy Operations in privacy Regional M&A related work such as due diligence;
  • Support budget planning, monitoring, and function metrics and reporting as requested;
  • Identify complex compliance/legal issues and communicate with regional leaders on risks;
  • While performing the duties of this job, the employee is regularly required to be independently mobile.
  • The employee is also required to use a computer, and communicate with peers and co-workers, a travel of 10% is required.

Must Haves

  • Bachelor degree in relevant field of expertise;
  • 10+ years of privacy experience with a Bachelor’s Degree or 8+ years of privacy experience with a Master’s or Advanced degree;
  • Knowledge of and experience supporting business understanding and compliance with EU privacy laws;
  • Experience supporting a data privacy, security or equivalent function directly or indirectly for a large, regulated and matrixed organization;
  • Project/program management experience;
  • Experience with business operations requirements implementation;
  • Experience in supporting cross-functional teams.

Nice to Haves

  • Knowledge of and experience supporting business understanding and compliance with privacy laws in Eastern Europe, Middle East and/or Africa, ISO and other standards bodies and international standards;
  • Proven track record of successful and broad influence management;
  • Experience in the healthcare industry;
  • Experience directly or indirectly with compliance, privacy or similar function;
  • Experience supporting change management projects;
  • Strong knowledge of, and experience in program and project management;
  • Experience working with global and/or matrixed IT systems, services, operations or other related management environment;
  • Experience assessing and defining system specifications preferably in relation to compliance with data protection and privacy regulations;
  • Demonstrated advocate for proper data management systems;
  • Demonstrated experience building positive relationships with a variety of stakeholders, including with employees, clients, senior management, external parties/authorities and suppliers;
  • Demonstrated results orientation (driving to deadlines, financial targets, project goals, etc.)
  • Strong ability to work collaboratively and partner with employees, other leaders, clients, and vendors.
  • Demonstrated ability to work across many levels of an organization, from VP to non-exempt staff
  • Demonstrated ability to work across a matrixed or virtual organization and still meet objectives
  • Demonstrated ability to manage multiple priorities simultaneously.
  • Demonstrated ability to utilize excellent decision making skills.
  • Experience and demonstrated ability to present to a variety of audiences including the ability to translate technical information
  • Lean Sigma or Six-Sigma training/experience
  • Vendor management experience

We Offer

In our 5th Tenet of our Mission we recognize the personal worth of employees by providing an employment framework that allows personal satisfaction in work accomplished, security, advancement opportunity, and means to share in the company's success.

Also a competitive package is of course part of that. We offer a competitive salary and benefits package to all our employees:

  • Flexible working environment;
  • Annual Incentive Plan % depending on company results;
  • Pension scheme and group discount on healthcare insurances
  • Training possibilities via Cornerstone/Harvard Manage Monitor/GetAbstract
  • Employee Assistance Program and Recognize! (our global recognition program)

Your Answer

Is this the position you were waiting for? Then please apply directly via the link at the bottom!

About Medtronic

Together, we can change healthcare worldwide. At Medtronic, we push the limits of  what technology, therapies and services can do to help alleviate pain, restore health and extend life.

We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.

We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team.

Let’s work together to address universal healthcare needs and improve patients’ lives.Help us shape the future.

Founded in 1949 as a medical repair company, we're now among the world's largest medical technology, services and solutions companies, employing more than 86,000 people worldwide, serving physicians, hospitals and patients in over 155 countries.

Whatever your specialty or ambitions, you can make a difference at Medtronic - both in the lives of others and your own career. Join us in our commitment to take healthcare Further, Together.

Application Submission Information: 

https://jobs.medtronic.com/jobs/data-protection-and-privacy-consultant-91121