European Data Protection Officer

Recruiter: Star
Location: Buckinghamshire
Posted: 13 Nov 2017
Closes: 16 Nov 2017
Sector: Healthcare
Contract Type: Permanent
Hours: Full Time

This role is based at a global pharmaceutical company in Buckinghamshire and is responsible for the implementation and operation of the General Data Protection Regulation (GDPR) compliance program.

In accordance with Articles 37, 38 and 39 of the GDPR, the DPO will be responsible for cooperating with the Global Privacy Office when undertaking the following:

o Governance

* Serve as local point of contact to cooperate with the EU data protection authorities
* Responsible for providing operational guidance and oversight of The Company's GDPR compliance, providing a clear chain of command on EU data protection matters, and overseeing an EU privacy officer network
* Member of The Company's Global Data Protection Working Group, a cross-functional committee comprised of global privacy stewards, which includes cross-functional representatives
* Ensure The Company maintains its appropriate EU data protection documentation and filings
* Manage the responsibilities of the office of the DPO as set forth under the GDPR, in particular, data subject access rights

o Risk Management

* EU data protection legal expert with knowledge of all applicable laws, rules, and regulations, related to: health data, employee, patient/consumer, and customer privacy
* Inform and advise The Company of its obligations pursuant to the GDPR and other EU national data protection provisions as they relate to GDPR
* Maintain knowledge of legal and industry privacy/data protection developments to proactively provide counsel to global business units
* Provide advice on data protection impact assessments (DPIAs) under GDPR Article 35
* Maintain a record of all risk assessments and DPIAs

o Proportionate Policies and Procedures

* Create and maintain The Company's GDPR policies and procedures
* Oversee the implementation of GDPR policies and procedures
* Maintain a record of relevant documentation relating to the implementation of GDPR policies and procedures

o Communication & Training

* Oversee and direct GDPR guidance and training for all relevant employees and relevant third parties to foster privacy/data protection awareness and an understanding of their GDPR obligations
* Maintain a record of all training and communication in relation to GDPR

Risk

Oversee and monitor compliance with the GDPR and all related policies, procedures, and templates

* Carry out and/or support periodic GDPR compliance risk assessments (e.g., self-assessment and/or data mapping exercises) and assist internal/quality assurance monitoring functions (e.g., Compliance monitoring, IT Audit) to identify risks and collaborate with the Global Privacy Office and business to remediate and mitigate gaps
* Prepare GDPR risk reports, metrics, and compliance activities for senior leadership

o Incidents & Investigations - 15%

* Maintain a record of EU data subject rights inquiries
* Key contact for responding to EU privacy/data protection inquiries, complaints, and incidents (internal and external) in coordination with the Global Privacy Office and local affiliate EU privacy officers

Star is a full service resourcing and outsourcing company which resources at all levels for pharmaceutical, medical devices and technology, clinical research and healthcare communications companies in the UK and Ireland on a headcount and outsourced basis. If you haven't heard from us within 7 working days of submitting your application, please assume that you haven't been successful on this occasion. We wish you the best of luck with your job search.