ACE Data Privacy/Data Protection Officer

Description

 

Gilead Sciences, Inc. is a research-based biopharmaceutical company founded in 1987. Together we deliver life-saving therapies to patients in need. With the commitment and drive you bring to the workplace every day, you will be part of a team that is changing the world and helping millions of people live healthier, more fulfilling lives. Our worldwide staff is a close community where you can see the tangible results of your contributions, where every individual matters, and everyone has a chance to enhance their skills through ongoing development. Our scientific focus has resulted in marketed products that are benefiting hundreds of thousands of people, a pipeline of late-stage drug candidates, and unmatched patient access programs to ensure medications are available to those who could otherwise not afford them. By joining Gilead, you will further our mission to address unmet medical needs and improve life by advancing the care of patients with life-threatening diseases.

Position Posting Title: ACE Data Privacy & Data Protection Officer (DPO), Assoc. Director / Director

Specific Responsibilities and Skills

The ACE Data Privacy & Data Protection Officer (DPO) is a key contributor to the global Privacy & Data Ethics (“PDE”) Team, and is responsible for managing privacy compliance across Europe, the United Kingdom, Switzerland, Canada and Australia (ACE) region. The PDE team is responsible for Gilead’s global privacy program, including but not limited to, daily operations of the program, implementation, maintenance of policies and procedures, monitoring program compliance, and training. The ACE DPO reports to the Gilead Chief Privacy Officer and may oversee the work of other team members from time to time. The PDE team is a global function and provides matrixed support to corporate business lines as well as country counsel within Gilead’s ACE affiliates.

Responsibilities include, but are not limited to:

Privacy Function

Lead the Company’s privacy programs for ACE to strategically manage potential privacy risks and develop appropriate privacy controls to support business initiatives and use of emerging technologies to ensure compliance with the General Data Protection Regulation (GDPR) and related data protection and privacy matters in accordance with laws and regulations in force in all ACE markets in which Gilead operates. Serve as a resource to ACE country counsel for privacy-related issues and escalations and help maintain a harmonized, global approach to issues. Manage appropriate privacy and confidentiality consents, authorization forms and information notices and materials. Work with IT Security to manage procedures for vetting and auditing vendors for compliance with the privacy and data security policies and legal requirements. Manage the process for addressing complaints and requests from data subjects with respect to the enforcement of their rights under applicable laws. Provide advice on Data Protection Impact Assessments (DPIAs) Manage the relationship with the appropriate regulating bodies to ensure that programs, policies and procedures are consistent with law and regulations. Serve as registered Data Protection Officer for purposes of GDPR and other similar legal compliance requirements.

Incident Response

Evaluate and improve upon process for receiving, documenting, investigating and reporting unauthorized access or disclosure of protected information. Manage breach response, including notification to data subjects, law enforcement and regulators as needed.

Policies and Training

Continue to implement, maintain and improve corporate privacy policies, procedures, and infrastructure. Develop and deliver privacy training materials and other communications to increase employee understanding of company privacy policies, data handling practices and procedures and legal obligations. Work with business teams and senior management to increase awareness of “best practices” on privacy and data security issues. Serve as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.
 

Qualifications

Professional with strong privacy experience; experience in a life sciences industry preferred. Qualified solicitor preferred. CIPP certification (or equivalent) preferred. Knowledge of European privacy laws regulations and best practices. Proven track record of project and process development, implementation and project management. Results oriented, proactive, responsible and pragmatic with a passion to solve complex problems in creative, efficient and cost-effective way and to translate global compliance environments into actionable policies, processes and programs that enable business objectives. Proven track record of getting things done in complex organizational context, often without formal authority in a highly matrixed environment. Strong knowledge and interest in emerging technologies. Excellent communication skills and outstanding interpersonal skills. Ability to work independently and demonstrated experience prioritizing conflicting demands from multiple business clients in an extremely fast-paced environment. Strong people management skills Self-starter with a high level of initiative and strong work ethic.

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact for assistance.