Responsible for developing and leading the Company's Global Privacy and Data Protection program with the goal of ensuring compliance with all applicable laws and regulations globally. The position will interact with departments/business units across the Company.
- Develops, implements, and manages the Company’s Global Privacy and Data Protection (including GDPR) risk management and compliance framework and governance structure.
- Leads the development, implementation and maintenance of the Company’s Privacy and Data Protection policies, processes and procedures.
- Monitors changes in Privacy and Data Protection laws and regulations globally to ensure Company adaptation and compliance, including all required country registrations.
- Serves as the Company’s subject matter expert on all Privacy and Data Protection laws and regulations globally.
- Prepares and assists with presenting clear, accurate and timely reports on Privacy and Data Protection risks, risk mitigation measures and compliance activities to key stakeholders, senior management and the Board of Directors/Audit Committee.
- Provides leadership and strategic guidance to Departments/Business Units in the design and evaluation of Privacy and Data Protection related tools and projects (e.g., privacy-by-design).
- Establishes a mechanism to track access and retention of protected health information maintained by the Company.
- Develops, implements and delivers Privacy and Data Protection communications and training.
- Collaborates with Information Security to ensure alignment between Cyber Security and Privacy and Data Protection practices. Oversees conduct of data protection impact assessments and provides support such assessments.
- Collaborates with the contracting functions on Privacy and Data Protection matters related to customer and third party contracts.
- In coordination with senior counsel, serves as a liaison to regulatory and data protection authorities for matters relating to privacy and data protection.
- Implements and oversees a process for receiving, documenting, tracking, investigating and acting on all internal and external Privacy and Data Protection requests (e.g., changes to/deletion of information from systems) and complaints. Investigates complaints about breaches of applicable regulations. Maintains a log of incidents of remedial actions.
- In collaboration with other Company departments (e.g., Information Security, Corporate Quality and Vendor Management) establishes an internal and external Privacy and Data Protection monitoring and audit program.
- Manages the collection, analysis and reporting of Privacy and Data Protection program data and metrics for continuous process improvement.
- Participates in client meetings, sponsor audits and regulatory inspections for questions related to Privacy and Data Protection.
- Manages a team of Privacy and Data Protection professionals.
- Identifies and manages external resources/vendors needed to support the Global Data Privacy and Protection program.
- Oversees the development and delivery of data protection representative services to contracted customers.
University degree required with significant experience with U.S. and international privacy program development and management, with particular emphasis in the healthcare and clinical research environments. Law degree and in-house legal experience preferred. Deep knowledge of US and European privacy and data protection laws, regulations and best practices. Innovative, forward-thinking and results-oriented with a passion to solve complex problems in a creative and pragmatic way and to translate laws and regulations into actionable policies and procedures that enable business objectives.
Demonstrated ability to influence and drive internal and external stakeholders to a decision in a matrix corporate environment. Ability to manage a team of privacy professionals. Demonstrated track record of strategic communication and writing skills. Demonstrated ability to work independently, meet tight deadlines and work effectively in a multi-functional, international team environment. Excellent interpersonal skills and work ethic. IAPP certification(s) (CIPP, CIPM, CIPT) a plus. Ability to develop a realistic budget and manage against it.
Application Submission Information: