Director, Data Privacy

The Director of Data Privacy role is an individual contributor position, which assists with and leads projects supporting overall Data Privacy initiatives, as directed by the Vice President of Data Privacy. This position is responsible for domestic and global initiatives concerning patient and consumer data, ensuring compliance with U.S. federal and state privacy laws regulations, the EU General Data Protection Regulation (GDPR), and other global data protection regulations. The Director of Data Privacy supports the daily operations of the Compliance/Privacy department related to privacy and data protection. Responsibilities include, but are not limited to, special projects and assessments through data analysis, process improvement, auditing, report development, and policy maintenance. This position reports to the Vice President of Data Privacy.

RESPONSIBILITIES:

• Serve as a subject matter expert on privacy laws and regulations, including HIPAA Privacy, Security and Breach Notification Rules, CCPA/CPRA, GDPR and other domestic and international data protection laws
• Implement and maintain privacy controls to support compliance with applicable legal and
• regulatory requirements across commercialization and patient engagement activities
• Implement privacy controls for marketing, digital engagement, and patient assistance programs to ensure compliant data use practices
• Develop, implement, and maintain frameworks, policies, and procedures to ensure the complaint, ethical and responsible use of AI across the organization
• Support continuous improvements to ensure operational efficiencies within the privacy function
• Collaborate with key internal stakeholders—including Legal, IT, and Business Operations—to review project and data sharing initiatives to ensure alignment with privacy and data governance standards
• Conduct privacy risk assessments and manage privacy-related incidents, providing expert guidance on mitigation strategies and regulatory response
• Monitor and communicate developments in local and global privacy laws, advising on their potential impact to business operations, especially within biotech and healthcare environments
• Develop, lead, and deliver innovative and engaging training programs on privacy, data sharing, and compliance topics across the organization
• Support the Privacy function’s leadership in implementing and monitoring compliance functions in accordance with OCR (Office for Civil Rights) guidance and internal policies
• Prepare clear, qualitative and quantitative analyses and reports for both routine and ad hoc privacy program needs
• Maintain and update peripheral databases, trackers, and reporting tools that support corporate privacy initiatives
• Effectively manage time and priorities to meet deadlines and support the broader Corporate Compliance Privacy Program

QUALIFICATIONS:

• A minimum of 5 years of experience in the healthcare/biotech industry focused on privacy and data protection (prior clinical laboratory preferred)
• Bachelor’s degree or equivalent relevant work experience required
• Advanced knowledge of HIPAA and Hitech regulations required
• Data and AI governance experience required
• Marketing and ad technology experience required
• Research/clinical trials experience a plus
• Certification in Healthcare Privacy (CHCP), CIPP, CIPT, ISEB preferred

KNOWLEDGE, SKILLS, AND ABILITIES:

• • Advanced knowledge of U.S. and global privacy laws and regulations (e.g., HIPAA, CCPA, GDPR)
  • Ability to interact with all levels of organization
  • Ability to deal with confidential information and/or issues using discretion and judgment
  • Critical thinking with excellent research and analytical skills with ability to work cross-functionally
  • Proficiency in identifying, assessing, and reporting compliance gaps and/or internal controls, articulating appropriate recommendations, monitoring and testing for compliance
  • Clear, concise technical writing and presentation skills.
  • Project management
  • Keen attention to detail
  • Advanced computer skills and proficiency in MS Word, Excel, Access, and PowerPoint

#LI-AB1