Data Privacy Lead

DeepHealth | Boston, MA
3d | $120 - $155 | Remote

About The Position

Reporting to the Director of Compliance, the Data Privacy Compliance Lead is responsible for supporting the organization’s global Data Privacy programs, including but not limited to HIPAA and GDPR. This role is critical for the safety and security of DeepHealth products and the organization. A successful Data Privacy Compliance Lead will collaborate with all teams within the organization to fulfill DeepHealth’s mission.

Requirements

  • Bachelor’s degree in a relevant field (or equivalent experience).
  • 5 – 8 years of experience in a regulated industry, preferably medical device.
  • Strong knowledge of GDPR, ISO 27001, and HIPAA.
  • Strong knowledge of FDA Quality System Regulations, including but not limited to 21 CFR Part 11 and 21 CFR Part 820.
  • Excellent written and oral communication skills.

Nice To Haves

  • Software and/or Software as a Medical Device experience a plus.

Responsibilities

  • Lead the organization’s data privacy efforts, ensuring compliance with local, national, and global privacy laws and regulations.
  • Implement a Privacy by Design program to support the development and modification of product design to meet evolving global requirements for the use and development of software, including the use of AI.
  • Support the Vendor Management team for vendor qualification and implementation/execution of Data Processing Agreements (DPAs) and Transfer Impact Assessments (TIAs), as applicable.
  • Collaborate cross-functionally to implement technical and organizational measures to ensure data privacy.
  • Monitor how personal data is collected, processed, and stored to ensure compliance with local, federal, and international laws.
  • Develop and modify, as appropriate, organizational education and training materials to inform employees of privacy duties.
  • Advise senior management on privacy matters and integrate privacy into business processes.
  • Participate in investigations and impact assessments in the event of information security events.
  • Serve as the primary point of contact for data protection authorities and data subjects, handling inquiries and requests.
  • Collaborate cross-functionally to unify and improve data privacy processes in support of various risk management frameworks, including but not limited to ISO 27001, GDPR, and NIST.