Why Syneos Health? Join a game-changing company that is reinventing the way therapies are developed and commercialized. Created through the merger of two industry leading companies, INC Research and inVentiv Health, we bring together more than 24,000 clinical and commercial minds to create a better, smarter, faster way to get biopharmaceutical therapies into the hands of patients who need them most. Evolve in a global company that is always looking for ways to work smarter and more efficiently as the only fully integrated Biopharmaceutical Accelerator. You'll be supported with comprehensive resources based on today's emerging technologies, data, science and knowledge - instead of practices from the past. Teaming with some of the most talented professionals in the industry, you'll gain exposure and work in a dynamic environment to over-deliver and outperform. A career with Syneos Health means your everyday work improves patients' lives around the world.
Responsible for supporting the development, implementation and maintenance of the Company's Global Privacy and Data Protection program with the goal of ensuring compliance with all applicable laws and regulations globally, with a focus on the Americas region. The position will interact with departments and business units across the Company.
Supporting the Global Privacy Officer:
Develop, implement and maintain the Company's Privacy and Data Protection policies, processes and procedures.
Monitor changes in Privacy and Data Protection laws and regulations globally to ensure Company adaptation and compliance, including required country registrations.
Provide legal advice regarding the implications of new privacy and data protection laws and regulations globally that impact the Company`s business.
Identify and implement data privacy best practices.
Provide strategic guidance to Departments/Business Units in the design and evaluation of Privacy and Data Protection related tools and projects (e.g., privacy-by-design).
Establish a mechanism to track access and retention of protected health information maintained by the Company.
Develop, implement and deliver Privacy and Data Protection communications and training.
Collaborate with Information Security to ensure alignment between Cyber Security and Privacy and Data Protection practices. Oversee conduct of data protection impact assessments and support such assessments.
Collaborate with the contracting functions on the drafting, review and negotiation of Privacy and Data Protection matters related to customer and third party contracts (e.g., data transfer agreements, privacy notices/policies).
In coordination with the Global Privacy Officer and Data Protection Officer, assist with regulatory authorities, including the FTC, OCR, Canada's OPC, and privacy regulators in Latin America, for matters relating to privacy and data protection.
Implement and oversee a process for receiving, documenting, tracking, investigating and acting on internal and external Privacy and Data Protection requests (e.g., changes to/deletion of information from systems) and complaints. Investigate complaints about breaches of applicable regulations. Maintain a log of incidents of remedial actions.
In collaboration with other Company departments (e.g., Information Security, Corporate Quality and Vendor Management), establish an internal and external Privacy and Data Protection monitoring and audit program.
Manage the collection, analysis and reporting of Privacy and Data Protection program data and metrics for continuous process improvement.
Participate in client meetings, customer audits and regulatory inspections for questions related to Privacy and Data Protection.
Participate in data security incident responses affecting the Company.
Coordinate cross-functionally to provide data privacy support and guidance with respect to the Company's records management program.
Support the development and delivery of data protection representative services to contracted customers.
Role may be assigned to manage Privacy and Data Protection professionals.
Perform other work-related duties as assigned. Minimal travel may be required (up to 25%).
Completion of law school with a J.D. or L.L.B. degree and admission to the bar and in good standing in at least one jurisdiction in the United States required.
8 years of legal experience as a practicing attorney, with at least 3 of those years advising on global data protection/ privacy laws and requirements.
Experience as in-house counsel strongly preferred.
Experience with U.S. and international privacy program development and management preferred, with particular emphasis in the healthcare and clinical research environments.
Knowledge of US and international privacy and data protection laws, regulations and best practices required (e.g., HIPAA, CAN-SPAM, CCPA, TCPA, PIPEDA, CASL, Privacy Shield, and GDPR).
Innovative, forward-thinking and results-oriented with a passion to solve complex problems in a creative and pragmatic way and to translate laws and regulations into actionable policies and procedures that enable business objectives.
Demonstrated ability to influence and drive internal and external stakeholders to a decision in a matrixed corporate environment.
Ability to work independently, meet tight deadlines and work effectively in a multi-functional, international team environment.
Excellent interpersonal skills and work ethic. Strong communication and writing skills.
IAPP certification(s) (CIPP/E, CIPP/US, CIPM) preferred.
Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees.
INC Research Inc