Other Locations:US- NJ- Summit East
Celgene is a global biopharmaceutical company leading the way in medical innovation to help patients live longer, better lives. Our purpose as a company is to discover and develop therapies that will change the course of human health. We value our passion for patients, quest for innovation, spirit of independence and love of challenge. With a presence in more than 70 countries, and growing - we look for talented people to grow our business, advance our science and contribute to our unique culture.
Position Overview: The Chief Privacy Officer (“CPO”) shall oversee all ongoing activities related to the development, implementation and maintenance of the company’s privacy policies and programs in accordance with applicable laws. Reporting to the General Counsel, this position will also provide strategic direction to the company regarding existing and emerging privacy and data protection laws.
- Builds a strategic and comprehensive privacy program, including appropriate policies and procedures, to enable consistent, effective data privacy practices; to minimize privacy risk; and to ensure the confidentiality of personal data. Ensures privacy forms, policies, standards, and procedures are up-to-date and compliant with laws applicable to the organization.
- Working closely with the CISO, CIO, CCO and other individuals with privacy and data handling responsibilities in the organization, sets strategy and develops global and regional approaches to complex privacy matters involving systems, processes and data handling activities.
- Works with senior management and corporate compliance officer to establish governance for the privacy program.
- Collaborates with the Information Technology (IT) department to ensure alignment between security and privacy compliance programs including policies, practices, investigations; acts as a liaison to the IT department.
- Establishes, with the IT department, systems to track, investigate and report inappropriate or unauthorized access, loss or disclosure of personal data.
- Performs or oversees initial and periodic privacy risk assessment/analysis, mitigation and remediation.
- Conducts related ongoing compliance monitoring activities in coordination with the company’s other compliance and operational assessment functions. .
- Oversees and develops initial and ongoing privacy training to the workforce.
- Participates in the development, implementation, and ongoing compliance monitoring of all facets of the privacy program to ensure all privacy concerns, requirements, and responsibilities are addressed.
- Where necessary or appropriate, represents the organization before data protection authorities and other relevant regulators and agencies.
- Manages all required breach determination and notification processes under laws applicable to the organization.
- Establishes and administers a process for investigating and acting on privacy and security complaints when raised by individuals or regulators.
- With Human Resources department, ensures consistent application of sanctions for violations of privacy policies.
- Initiates, facilitates and promotes activities to foster data privacy awareness within the organization and related entities.
- Maintains current knowledge of applicable global data privacy and security laws and accreditation standards.
- Works with legal counsel, government affairs, and other related internal functions to represent the company’s interests with regulators regarding data privacy legislation, regulations, or standards.
- Serves as data privacy resource to the organization regarding release of information and to all departments for all privacy related issues.
- Reports on a periodic basis regarding the status of the privacy program and privacy risks to senior management and other responsible committees.
- Law degree and/or Master’s degree in regulatory/healthcare compliance preferred
- At least 10 years’ experience in the privacy profession, including time in or advising pharmaceutical companies on healthcare privacy related activities
- In-depth knowledge of global privacy laws related to the pharmaceutical industry
- In-depth knowledge of legal, regulatory, compliance and business environment for the pharmaceutical industry
- Experience with building and implementing a global privacy program
- Experience dealing with European entities and data protection authorities
- Demonstrated ability to work collaboratively within an organization with senior leaders
- Excellent oral and written communication skills
Celgene is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Celgene complies with all applicable national, state and local laws governing nondiscrimination in employment as well as employment eligibility verification requirements of the Immigration and Nationality Act. All applicants must have authorization to work for Celgene in the U.S.