Chief Privacy Officer

Recruiter
Regeneron
Location
Tarrytown
Salary
Competitive
Posted
Jul 17, 2017
Closes
Jul 19, 2017
Industry
Healthcare
Employer Type
Direct Employer
Employment Type
Permanent
Hours
Full Time
Known for its scientific and operational excellence, Regeneron is a leading science-based biopharmaceutical company that discovers, invents, develops, manufactures, and commercializes medicines for the treatment of serious medical conditions. Regeneron commercializes medicines for eye diseases, high LDL-cholesterol, and a rare inflammatory condition and has product candidates in development in other areas of high unmet medical need, including oncology, rheumatoid arthritis, asthma, atopic dermatitis, pain, and infectious diseases.

Summary

The Privacy Officer will report to and assist the SVP, Associate General Counsel and Chief Compliance Officer to ensure full compliance with all applicable privacy laws and regulations globally. In particular the Chief Privacy Officer will be responsible for developing and enhancing the Company's global privacy program. The position will interact with departments across Regeneron.

Responsibilities

Build & Improve the Company's Privacy Program
  • Develop and coordinate an organization-wide privacy risk management and compliance framework and governance structure by undertaking a comprehensive review of the Company's data and privacy process and procedures for each applicable business function to ensure that they are consistent with relevant laws and regulations and the Company's privacy and data security goals and policies
  • Develop, manage and assist in the implementation and maintenance of the Company's information privacy policies and procedures to ensure that business activities are consistent with them
  • Provide leadership in the design and evaluation of privacy and security related projects so that new business activities are developed with privacy by design principles in mind
  • Establish a mechanism to track access and retention of protected health information maintained by the Company
  • Periodically revise the privacy program to reflect changes in laws, regulatory or Company policy and accreditation standards, and monitor advancements in information privacy technologies to ensure organizational adaptation and compliance, as needed
  • Develop privacy training materials and other communications to train employees and third parties, as appropriate, on company privacy policies, data handling practices and procedures and legal obligations
  • Collaborate with internal audit to establish an internal and external privacy audit program
Intra-organizational Collaboration
  • Work with business teams and senior management to ensure awareness of "best practices" on privacy and data security issues
  • Collaborate on cyber privacy and security policies and procedures
  • Interface with Senior Management to develop strategic plans for the collection, use and sharing of information in a manner that maximizes its value while complying with applicable privacy regulations
  • Assist business units with development of tools and methodologies to ensure ongoing compliance
  • Provide strategic guidance to corporate officers regarding information resources and technology
  • Assist the Chief Information Officer with the development and implementation of an information infrastructure
  • Serve as the information privacy liaison for users of technology systems
  • Act as a liaison to the information technology department
  • Collaborate with the legal department on privacy issues relating to business partner contracts and product-related activities
  • Collaborate with the Compliance Investigations Team to develop a process for receiving, documenting, tracking, investigating and taking action on all privacy related complaints
Data Governance
  • Assure that the use of technologies maintain, and do not erode, privacy protections on use, collection and disclosure of personal information
  • Monitor systems development and operations for security and privacy compliance
  • Conduct privacy impact assessments of proposed rules on the privacy of personal information, including the type of personal information collected and the number of people affected
  • Conduct periodic information privacy impact assessments and ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions including the Compliance Monitoring Team
  • Review all system-related information security plans to ensure alignment between security and privacy practices
  • Work with all organization personnel involved with any aspect of release of protected information to ensure coordination with the organization's policies, procedures and legal requirements
Incident Response
  • Develop, implement and train on the Company's Incident Response Plan
  • Mitigate effects of a use or disclosure of personal information by employees or business partners by ensuring the implementation of an incident response plan
  • Administer action on all complaints concerning the organization's privacy policies and procedures in coordination and collaboration with the Compliance Investigation Team and, when necessary, legal counsel
Experience and Required Skills
  • Minimum of 10 years' experience in the privacy profession, with at least five years working in or with pharmaceutical companies on healthcare privacy related activities
  • In-depth knowledge of US and EU privacy laws related to the pharmaceutical and clinical research industry
  • Experience with building and implementing a global privacy program
  • Extensive experience and skill at writing policies and guidance documents supporting various business activities and conducting investigations.
  • Ability to write clearly and prepare professional communications
  • Experience working with teams across full corporate structure
  • Excellent interpersonal and conflict resolution skills and ability to work in a highly collaborative, team-oriented environment
  • High level of influencing skills and ability to drive change as it relates to implementing remedial actions
  • Prior in-house healthcare/pharmaceutical and/or biotech experience preferred
  • Law degree from an accredited institution preferred
  • lAPP Certifications such as CIPP/US, CIPP/E and/or CIPP/M a plus
This is an opportunity to join our select team that is already leading the way in the Pharmaceutical/Biotech industry. Apply today and learn more about Regenerons unwavering commitment to combining good science & good business.

To all agencies: Please, no phone calls or emails to any employee of Regeneron about this opening. All resumes submitted by search firms/employment agencies to any employee at Regeneron via-email, the internet or in any form and/or method will be deemed the sole property of Regeneron, unless such search firms/employment agencies were engaged by Regeneron for this position and a valid agreement with Regeneron is in place. In the event a candidate who was submitted outside of the Regeneron agency engagement process is hired, no fee or payment of any kind will be paid.

Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by law.