The Cross-Sector Sr. Manager, Privacy Compliance Officer of Johnson & Johnson Family of Companies in South Korea is responsible for developing and implementing the privacy program for all J&J companies in South Korea, identifying privacy risks and developing, maintaining and implementing policies and procedures, training and controls to ensure Johnson & Johnson’s businesses are operating appropriately with regard to applicable privacy laws and regulations and J&J policies. This role includes coordination of all activities related to implementation of and adherence to Johnson & Johnson Privacy policies and applicable data protection laws, in accordance with the Johnson & Johnson Privacy Framework.
· Ensures compliance to Personal Information Protection Act (PIPA), Act on the Promotion of Information and Communications Network Utilization and Information Protection Act (“ICNA”), related laws and all applicable Johnson and Johnson privacy and data protection policies and procedures.
· Establishes and implements a personal information protection plan
· Processes complaints and implements relief relating to personal information processing
· Partner with Information Security Officer to establish internal control systems that prevents leakage, abuse, misuse of personal information and protects the confidentiality of personal information files.
· Establishes and implements training on personal information protection
· Effectively aligns with key stakeholders in Operating Company to ensure that personal information processing activities of the company comply with Johnson & Johnson Privacy Principles and applicable Privacy laws and regulations
· Ensures local oversight of Privacy Compliance Programs. Advises executive and senior management team of their responsibilities and obligations and helps them develop a culture of compliance
· Identifies Privacy risks and issues. Advises all staff whose activities possibly put the company at risk and provides actionable solutions to remediate risks and issues
· Familiarity with the healthcare industry and its business processes; in industry, preferably health care industry
· Functional understanding of applicable Privacy laws and regulations
· Significant experience with the roll out of (privacy) compliance programs and their management
· Ability to maintain the highest standards of quality, compliance and accountability when advising the business
· Demonstrable ability to engage with a range of business units and functions and uncover their objectives and needs
· Ability to translate a wide variety of principles and, sometimes complex, legal requirements into actionable solutions for the business
· Excellent organizational, facilitation, communication, and presentation skills
· Global mindset and preparedness to incorporate global standards and practices, for consistency and efficiency reasons
· Ability to work autonomously.