The Chief Privacy Officer reports to the Associate General Counsel who oversees the company’s global privacy program and is a key member of the team for the Legal & Compliance Department. The Chief Privacy Officer promotes the protection of key personal information across all functional and business areas of the company. He/she is responsible for defining strategy, leading and managing the company’s global privacy and data protection program to ensure compliance with relevant privacy laws and regulations. This individual drives the continued development of Jazz’s privacy program to ensure effective and consistent implementation across the company, including partnering with other functions to develop and implement appropriate privacy policies and procedures. He/she serves as the subject matter expert to the company on issues of privacy and provides expert advice and strategic operational guidance to all functions across the company. The Chief Privacy Officer continually assesses effectiveness of the privacy program, and recommends and implements on-going enhancements to the program. He/she oversees or assists with and helps investigate, manage and mitigate privacy incidents, complaints, or breaches.
The Chief Privacy Officer:
- Serves as the company’s Chief Privacy Officer and administers the company’s global data privacy program.
- Serves as information privacy consultant to Company employees, and provides legal analysis and advice on privacy and data protection topics, including HIPAA and state privacy laws, EU data privacy regulation (including General Data Protection Regulation and Privacy Shield), FTC consumer privacy regulations, data breach laws, etc.
- Develops and implements corporate privacy policies and supports the development and implementation of business-specific processes and procedures related to privacy, and ensures existence of other privacy-related controls.
- Performs initial and periodic privacy risk assessments and conducts related ongoing compliance monitoring activities in coordination with the company’s other risk management functions.
- Works closely with the Jazz IT Department on matters of cyber-security and to ensure alignment between corporate cyber-security and privacy compliance programs.
- Works with other functions to ensure the company has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current legal and regulatory practices and requirements.
- Collaborates with other members of the Legal & Compliance Department and business functions to analyze and assist with pertinent privacy aspects of legal agreements.
- Oversees, directs, delivers, or ensures delivery of privacy training to employees, contractors, business associates, and other appropriate third parties.
- Initiates, facilitates and promotes activities to foster privacy awareness within the company.
- Evaluates data-related incidents and guides their appropriate resolution consistent with applicable law and sound business practices.
- Keeps informed of new laws, regulations, and industry trends affecting the company, and assists with development of privacy policies as needed.
- Monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.
- Works closely with other members of the Legal & Compliance Department to ensure consistency in approach across areas of the overall business.
- Supports major transactions, including M&A and other business development transactions, as needed.
- Willingly assists Legal & Compliance Department colleagues with projects and activities in areas outside of his/her primary areas of responsibility as needed to contribute to a collegial atmosphere and to balance workloads.
Required Knowledge, Skills, and Abilities
- Demonstrated knowledge and experience with privacy and data security laws and regulations and ability to translate that knowledge to deliver relevant and actionable guidance to the business.
- Excellent legal judgment and the ability to provide pragmatic and strategic legal advice to the business.
- Experience leading or supporting privacy and data breach investigations and, upon the identification of root cause, guiding resolution, communicating findings, and advising on risks and appropriate responses.
- Ability to work both independently and collaboratively, with a record of developing strong working relationships across the organization.
- Demonstrated experience identifying and resolving compliance and legal issues quickly and effectively.
- Demonstrated experience prioritizing conflicting demands from multiple business units in a fast-paced environment.
- Excellent verbal and written communication skills.
- Periodic travel throughout the United States and Europe is required.
Required/Preferred Education and Licenses
- Bachelor’s degree and J.D. from an ABA-accredited U.S. law school, current admission to the bar of at least one US state, eligibility for practice as in-house counsel in CA or PA required.
- Minimum of 7 years of relevant experience dealing with privacy issues, either with a law firm or in-house, with strong preference for past professional experience in pharmaceutical or healthcare industry.
- Relevant technical certifications such as a Certified Information Privacy Professional (CIPP) or other relevant certifications offered by the International Association of Privacy Professionals (IAPP) preferred.
Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law.