Johnson & Johnson Careers
Manager, Privacy Compliance EMEA - Pharmaceuticals
Requisition ID: 00001EH9
Privacy Compliance is currently recruiting a Manager, Privacy Compliance, EMEA for the Pharmaceutical Sector to be preferably located in any of our lead clusters in for the Pharmaceutical Business (e.g. Belgium, United Kingdom, Germany, France, Spain).
The Manager will lead and drive the Privacy Compliance program for Johnson & Johnson operating companies in the Pharmaceutical Sector. He/She will serve as a strategic business partner towards all covered employees and company functional leadership (e.g. CRM, Marketing, R&D, IT, R&D, etc.) to ensure that the Privacy Compliance program effectively prevents and/or detects violations of law, regulations and policies.
The position will require 10-25% of travel, depending on business assignment and need.
Essential duties and responsibilities
- Assists the Senior Manager for the Pharmaceutical Sector and the Director Privacy Compliance in the region with his/her oversight responsibility of Privacy Compliance for the Pharmaceutical Sector:
- Ensures data about Privacy Compliance program is collected and analyzed consistently for the sector.
- Provides data and input to the Privacy Leadership Team to ensure that the Privacy risks of the assigned sector(s) are addressed in the overall Privacy Compliance strategy and allocation of resources by the Global Privacy Team.
- Collaborates with business process owners in the region to understand the Privacy risks of new business processes and provides guidance to ensure Privacy controls are embedded into the design of these processes.
- Assists the EU DPO with the fulfilment of legal obligations under GDPR, in particular:
- To maintain the organization’s internal records of processing activities, in accordance with GDPR art.30;
- To provide advice as regards the Data Protection Impact Assessments (DPIA) and monitor their performance, in accordance with GDPR art.35;
- Partners with company leadership and Privacy liaisons in an assigned cluster of countries, to ensure Companies deploy a Privacy Compliance program that effectively prevents and detects violations of law, regulations, policies and that includes the following components:
- Assignment of functional leaders who are accountable for privacy compliance (e.g. incident response team/process and audit readiness process for each operating company within the country cluster)
- Understanding of risks related to business processes that involve personal information and provision of guidance to mitigate these risks
- Education, training, and regular communications on Privacy Compliance to all relevant employees
- Any required reporting obligations to data protection authorities
- Presentations to management, covering the status of the Privacy Compliance program
- Self and risk assessments, to detect process gaps and inconsistencies
- Preparation for internal and external Privacy compliance audits and implementation of corrective action solutions
- Privacy incident response processing
- Interfaces with legal counsel regarding Privacy Compliance requirements, interpretation and Privacy Incident Response process
- Interfaces with the global/regional Privacy Compliance community to share approaches to Privacy Compliance and serve on teams to harmonize and standardize company approaches to privacy.
Other duties may be assigned.
- Minimum of bachelor’s degree (e.g. with legal, regulatory or IT background)
- Functional understanding of applicable Privacy laws and regulations in Europe, preferably with multi-national companies
- Minimum of 5 years business experience; familiarity with the healthcare industry and its business processes
- Familiarity with the roll out of compliance programs
- Good working knowledge of common IT systems, processes and information security practices
- IAPP or equivalent certification
- Familiarity with working in-house in a matrixed regulated global corporation
Required Skill Set
- Ability to maintain the highest standards of quality, compliance and accountability when advising the business
- Demonstrable ability to engage with a range of business units and functions and uncover their objectives and needs
- Ability to translate a wide variety of principles and, sometimes complex, legal requirements into actionable solutions for the business
- Excellent organizational, facilitation, communication and presentation skills
- Global mindset and preparedness to incorporate global standards and practices, for consistency and efficiency reasons
- Ability to work autonomously
- Fluent in English
Europe/Middle East/Africa-Spain, Europe/Middle East/Africa-Germany, Europe/Middle East/Africa-United Kingdom, Europe/Middle East/Africa-France
Janssen Cilag N.V./S.A. (7025)
Health Care Compliance and Privacy