Privacy Counsel

Position Overview:
The Privacy Counsel will be responsible for overseeing and managing privacy compliance across all business operations within the company, with a primary focus on data protection and privacy regulations applicable to the pharmaceutical industry. The Privacy Counsel will collaborate with various teams, including legal, compliance, IT, and business units, to implement and monitor privacy policies and procedures, while providing expert legal advice on privacy-related issues.

Key Responsibilities:

• Advise on privacy and data protection laws, regulations, and best practices, including GDPR, HIPAA, CCPA, and other applicable global privacy laws, and their implications for the company's operations.
• Develop and implement privacy policies, procedures, and strategies to ensure compliance with applicable privacy laws and regulations in all regions where the company operates.
• Provide legal guidance to the company on the handling, processing, storage, and transfer of personal data in connection with research, development, clinical trials, marketing, and customer relations.
• Conduct risk assessments, privacy impact assessments (PIAs), and data protection impact assessments (DPIAs) to ensure privacy risks are identified and mitigated.
• Lead responses to data breaches, including incident reporting, regulatory notifications, and corrective action plans.
• Oversee privacy training and awareness programs to ensure all employees understand their obligations under privacy laws and company policies.
• Monitor legislative and regulatory developments in the privacy and data protection landscape, keeping the company informed and prepared for compliance with emerging requirements.
• Collaborate with cross-functional teams (IT, Compliance, Regulatory Affairs, etc.) to ensure privacy is integrated into business processes and data governance frameworks.
• Draft and negotiate data protection clauses in contracts with vendors, third parties, and business partners.
• Serve as a primary point of contact for internal and external stakeholders on privacy-related matters.

Qualifications:

• J.D. or equivalent legal degree, with active bar membership in good standing.
• At least [X] years of experience in privacy and data protection law, ideally within the pharmaceutical or healthcare industry.
• Strong knowledge of privacy regulations, including GDPR, HIPAA, CCPA, and global data protection frameworks.
• Experience with privacy compliance in clinical trials, research, and pharmaceutical operations is highly desirable.
• Ability to analyze complex privacy issues and communicate legal advice to non-legal stakeholders in a clear and concise manner.
• Strong problem-solving skills and the ability to manage multiple projects simultaneously.
• Exceptional communication, negotiation, and interpersonal skills.
• High level of integrity, professionalism, and attention to detail.

Preferred Qualifications:

• Certified Information Privacy Professional (CIPP) or similar privacy certifications.
• Familiarity with data security and cybersecurity regulations and best practices.
• Experience in a global or multinational environment, with knowledge of international privacy laws.