Data Protection and Privacy Specialist

by Alimentiv

Position Type: Full-time
Location: London, ON
Date Posted: Jul 24, 2021
Alimentiv

Job Description

 

Data Protection and Privacy Specialist

JOB TITLE: Data Protection And Privacy Specialist

JOB LOCATION: UK, Netherlands, Germany, or Canada,  (Home-based)

REPORTS TO: Senior Legal Counsel

DEPARTMENT/UNIT: Legal

 

JOB SUMMARY:

 

Are you passionate about data and privacy protection? This is a unique opportunity to serve as a Data Protection and Privacy Specialist where you will engage with Alimentiv’s internal operations teams, customers, partners and vendors on privacy and data governance issues relating to all aspects of our business. Including; acting as the initial point of contact for privacy compliance inquiries, assisting on audit teams, facilitating meetings with systems experts,  completing data privacy impact assessments (DPIAs) and other compliance documents and assisting with the maintenance of  privacy and security compliance programs (e.g. ISO 27001, SOC2) and related policies. Reporting to the Sr. Legal Counsel, you will execute our program initiatives to ensure the correct privacy controls and data protection and governance processes are implemented and documented to optimize compliance with data privacy and security laws, regulations, policies and procedures and data governance best practices throughout the organization and for our study subjects.  

 

 

ROLE & RESPONSIBILITIES:

 

Privacy Management and Compliance

  • Support current processes and frameworks for compliance with privacy and data security laws in existing and emerging markets.
  • Build a maintenance cycle to ensure policies, training, incident handling programs and DPIAs are current.
  • Monitor the activities of assigned IT departmental disciplines to ensure compliance with internal policies and procedures including monthly, quarterly, and annual activity reviews.
  • Identify and report on gaps with respect to first line of defense controls and track associated corrective actions designed to close gaps.
  • Manage and complete DPIAs, working with system owners and IT as necessary for new systems /tools and processes.
  • In conjunction with the Enterprise Analyses team, ensure the completion of data inventory and mapping for existing and new systems and functions.
  • Participate in audits where knowledge of our data and privacy security practices is required.
  • Engage SMEs for Sponsor and vendor compliance questionnaires – creating electronic questionnaire bank to ensure consistent responses.
  • Liaise with QA to ensure we are meeting CAPA and contractual obligations.
  • Maintain SOC and ISO standards.
  • Ensure completion of Annual System reviews.
  • Create and monitor performance indicators to determine the effectiveness of privacy controls.

 

Privacy Consulting

  • In conjunction with legal team, monitor and stay familiar with applicable global laws and regulations.
  • Server as a privacy subject matter expert to the organization, providing practical advice and/or guidance to internal stakeholders, including the Privacy Officer on privacy and data security governance requirements.
  • Actively participate on Alimentiv’s Privacy Committee.

 

Communications and Training

  • Escalate any legal, regulatory or reputational risk to the PO and VP, IT.
  • Build reports including status of any issues, lessons learned and highlight risk.
  • In partnership with QA, IT and HR, ensure there is a central repository for storing all privacy related incidents and actions.  
  • Provide reports related to performance indicators to the PO and senior leadership team.
  • Design and implement general and function-specific training.

 

QUALIFICATIONS

 

  • Minimum of a college diploma/degree and 4-6 years of related experience + substantial on-going training.
  • Privacy and data security certifications or in process (e.g. CIPP/C and/or CIPP/E) are considered an asset.
  • Previous experience with QA/privacy and compliance processes in a healthcare environment
  • Audit support experience
  • Demonstrated general knowledge of applicable privacy laws and regulations.
  • Strong time management and prioritization skills with a demonstrated ability to execute against multiple projects and excel in a fast-paced work environment.
  • Excellent analytic and organizational skills.
  • Strong writing and facilitation skills and ability to communicate verbally.
  • Ability to prepare and deliver training sessions.
  • Strong MS Office skills (Excel, PowerPoint).
  • Ability to work with various stakeholders, including cross-departmental teams and leadership
    Project management skills an asset.

 

WORKING CONDITIONS:

 

  • Office/Home-based

 

*Accommodations for job applicants with disabilities are available

Apply