Search using our robust engine. Get the recommendations you need to get ahead.
Browse through our expansive list of legal practice areas.
Work where you are or where you would like to be. Find where you will work with LawCrossing.
Use our marketplace to feature your opportunity
Start your search today
Set up your account and manage your company profile on LawCrossing
Look through and compare company profiles
Learn from the legal expert
Discover salaries and the scope of your next job
LawCrossing Works Read Testimonials and Share your Story
Carrot Peelers, Sales, Personality and Your Job Search
In-House
Attorney
Data Privacy
5-10 yrs required
Director, Data Privacy and Security Counsel The candidate will report to the Assistant General Counsel. Will be instrumental in providing strategic direction to support company's compliance with existing and emerging global privacy and data protection laws and regulations. Develop and execute overall global privacy strategy and serve as the key privacy and resource for the Company. Design and establish a global privacy program, including processes for identifying, and inventorying and classifying relevant personal information contained in Company systems, conducting privacy impact and risk assessments, and establishing and/or updating privacy, security and information management policies and procedures. Ensure ongoing monitoring, auditing, and testing of the privacy program to confirm all facets are functioning as intended. Develop and implement a vendor management privacy program to ensure appropriate vetting and auditing of vendors and other business collaborators for compliance with Company-wide privacy requirements. Support and develop privacy liaisons in each region and/or key functions (e.g., HR, clinical operations) to support consistent privacy program adoption. Serve as resource to Legal contracting team to ensure appropriate privacy provisions and protections (e.g., data subject notices, data subject consents, data process or requirements, etc.) are included in legal templates and properly negotiated. into relevant Company agreement templates. Coordinate with IT and other business stakeholders to ensure existing and new Company programs, services and processes involving the processing of personal information comply with applicable privacy requirements. Develop global privacy training materials and other communications to increase employee understanding and awareness of privacy issues and conduct initial and on-going global privacy training. Maintain knowledge of and monitor developments in global privacy requirements and best practices. Create and oversee internal policies and processes for the handling of privacy complaints, suspected data breaches, providing required breach notifications, and data subject information access and deletion requests. Where necessary or appropriate, participates in the representation of the Company before data protection authorities and other relevant regulators and agencies. In conjunction with IT, Legal and Compliance, HR, and where appropriate, outside legal counsel or consultants, manage investigations relating to the Company's privacy and security programs. Respond to data subject inquiries and requests. Work with outside and internal legal counsel and other related internal functions to represent the Company's interests with regulators regarding data privacy legislation, regulations, or standards. Ensure all data processing activities and/or databases are registered with the local privacy/data protection authorities where required. Coordinate with IT to further develop and refine company security programs. Review all system-related information security plans to ensure alignment between security and privacy practices. Report on a periodic basis regarding the status of the privacy program and privacy risks to senior management, the Board of Directors and other responsible committees.
Qualification and Experience
The candidate should have a J.D. degree from an accredited US law school and be admitted to at least one State Bar. Must have 5-10 years of relevant experience in the area of data privacy, security and data governance. Bachelor's degree is required. J.D. and IAPP Certifications such as CIPP/US, CIPP/ITand/or CIPP/M a strong asset. Deep understanding of global privacy and security laws, regulations and best practices, particularly the GDPR, HIPAA, and other national privacy laws in the US, Europe and China is needed. Should have experience in the pharmaceutical or medical device industry and general familiarity with and strong understanding of pharmaceutical operations, core healthcare laws and regulations (e.g., Good Clinical Practice (GCP), Food Drug and Cosmetics Act).
Sign Up Now