Senior Privacy Officer (Freelance)
In this role, you have the opportunity to develop corporate-wide privacy and data protection principles, policies and practices as well as their implementation within the business unit. The Privacy Officer is responsible for coordinating all business unit activities associated with privacy, as well as monitoring all of the business unit products, services and systems to assure appropriate privacy practices.
-Lead and coordinate privacy activities for healthcare informatics solutions, regarding implementation and adherence to corporate policies in privacy, security, and confidentiality.
-Define privacy and data protection requirements for new businesses and early stage ventures, including Privacy by Design architecture.
-Conduct privacy impact assessments to help business assess and mitigate risks related to processing personal data.
-Maintain existing policies, procedures, practices based on international laws, regulations and standards in the privacy and data protection.
-Create/Collaborate with other Global Privacy Office members on policies, procedures, and practices that align and are consistent with Philips Privacy Code.
-Work Cross functionally with multi-discipline groups on privacy matters.
-Responsible for compliance related to privacy and security.
-Keep up-to-date with new or revised government healthcare laws and regulations pertaining to patient privacy to determine if new policies or modifications of current policies are needed.
-Document privacy data classification in the context of BU support, service and product data flow.
-Apply and differentiate privacy principles relating to different data processing roles.
-Work with Corporate Legal to address privacy elements within customer contracts. Lead/Support Incident, Event and Complaint management in privacy issues.
-Collaborate with Security Officers, Corporate Legal and management on privacy issues.
-Conduct ongoing compliance monitoring and report on privacy metrics.
-Assist in the development and delivery of privacy training and awareness.
-Good verbal and written communication skills.
-Strong technical skills (application and operating system hardening, vulnerability assessments, security audits, intrusion detection systems, firewalls, etc.)
-Strong knowledge and understanding of technology-related law and public policy experience, clinical research and related issues.
Professional Certification or Experience:
-Certified International Privacy Professional Certification or equivalent preferred.
-Minimum 3 or more years experience in legal, privacy, compliance and regulatory areas, preferably in the medical device industry.
-Familiarity with GDPR/EU 95/46, ePrivacy Directive, FDA and FTC regulations, Dutch Data Protection Directive, HIPAA, PIPEDA, US Patriot Act, British Columbia Act 73, Breach Notification laws, ISO and other standards bodies and international standards.
- Masters degree in technical/privacy or regulatory/legal area.
-Familiar with network, system, and telecommunication security.
-Proven technical writing and oral presentation skills.