Senior Privacy Manager

Abbott

1d•Onsite

About The Position

Abbott is a global healthcare leader with 115,000 colleagues serving people in over 160 countries, offering life-changing technologies in diagnostics, medical devices, nutritionals, and branded generic medicines. The company is seeking an experienced privacy professional to lead privacy compliance operations for its Medical Devices Divisions and functions in Sylmar. This role requires a seasoned privacy professional with a proven track record in collaboratively and pragmatically directing data protection needs and issues for a multi-national company. The successful candidate will build effective relationships with business unit leaders and other clients, partnering with Abbott's global corporate teams. The position demands an organized, process-oriented individual adept at managing deadlines and building strong relationships with global business stakeholders, capable of managing multiple privacy projects reactively while enhancing existing processes for efficiencies. Reporting to the Global Privacy Officer for Medical Devices, this role manages privacy program operations, reviews privacy controls, mechanisms, and protocols across the organization and product line, and supports global digital transformation initiatives. The team member will work cross-functionally with Privacy, Legal, Compliance, Engineering, and Product Teams. Experience with privacy by design, third-party due diligence, privacy impact assessments, and regulatory privacy compliance, as well as overall operational and programmatic privacy experience, is essential. The candidate should have a passion for privacy and proven experience in advising on privacy risks and mitigations, evaluating control effectiveness, improving process efficiency and scalability, providing privacy consultation, tracking global privacy requirements, and synthesizing data for risk management.

Requirements

Bachelor’s degree in computer science, Privacy Engineering, Information Technology, or a related technical field.
7+ years of progressive privacy program management, compliance, and or program management experience.
5 + years of experience with privacy in an engineering and or technical implementation context.
Fluency and proficiency in privacy preserving methods and technology.
Strong verbal and presentation skills to facilitate communicating complex topics with diverse stakeholders during trainings or meetings.
Detail-oriented, highly organized and independent; capable of managing a wide range of diverse projects with minimal supervision.
Significant experience implementing and managing applicable regulatory frameworks (e.g., GDPR, HIPAA, CPRA and other U.S. state laws).

Nice To Haves

Experience in healthcare or tech (preferred for the 7+ years experience).

Responsibilities

Develop and implement standards, processes and technical solutions to ensure privacy policies are correctly implemented. The implementations should advance compliance with legal and business forms of data processing.
Inform and advise Abbott commercial teams of their obligations to comply with the U.S. and global data protection laws and requirements, including HIPAA and GDPR.
Lead privacy reviews for Generative Artificial Intelligence related matters and guide divisions with Generative AI related advising.
Be a member and participate in divisional Data Use and Ethics Councils.
Guide the development of new privacy products and features, as well as the review of in place products and technology to ensure persistence of privacy controls.
Identify areas of improvement in local practices relative to managing data privacy.
Assist with regular privacy assessments of operational processes, identifying, and mitigating risks through effective tools, training, and guidance.
Assist with tracking categories of privacy threats and vulnerabilities to proactively address potential future variances
Communicate program progress, escalations, and issue analysis to key stakeholders.
Increase privacy maturity in the technical and compliance teams by providing privacy education, training, and mentoring
Closely interact with local teams in case of regulator inquiries or addressing data subject rights and drive for delivering system related / technical information and analysis needed to work up the cases and draft responses
Conduct privacy risk assessments of multiple product components, and determine how to bridge between data regulations, governance, practical engineering practices, and policy practices.
Develop, maintain, and publish design or technical documentation to drive consistency in privacy decisions and practices.
Drive and develop executive-level briefings on progress across major privacy control development frameworks.