Sunovion Pharmaceuticals Inc.
The Counsel, Privacy role at Sunovion is appointed by and reports to the Assistant General Counsel, Legal Affairs. The Counsel, Privacy promotes sound Information Governance practices and the protection of key personal and non-personal information across all functional and business areas of the Company. This individual will be charged with developing the Company’s information governance and privacy strategy, leading and managing the Company’s Information Governance and Privacy, records management and Data Protection programs (“Information Governance Programs”) to ensure compliance with relevant privacy laws and regulations throughout the world, specifically within North America, Europe and Asia with an appreciation of requirements as a subsidiary of Sumitomo Dainippon Pharma Co., Ltd. of Japan. The incumbent will continually assess the effectiveness of the Information Governance Programs, recommend and implement enhancements as appropriate. He/she will oversee or assist with and help investigate, manage and mitigate privacy incidents, complaints or breaches. He/she will also support legal and business colleagues on privacy issues that may arise related to commercial contracts, business initiatives and other matters.
Independently or with the assistance of outside counsel/contractor, the individual should be prepared to undertake the following functions:
Assess the Company’s current data privacy environment by undertaking a comprehensive review of the Company's data privacy processes and procedures for each applicable business function.
In partnership with key internal partners, support the Assistant General Counsel in leading the Information Governance Team, which approved and oversees appropriate policies and processes for information governance to enable the Company to comply with applicable privacy, security and records management laws.
As part of the broader Information Governance Office activities, deploy, manage and administer a global privacy program, strategy and policy across affiliate and sister companies and in close coordination with the Japanese parent company. Develop and track an action plan to operationalize privacy across the organization and ensure compliance with all privacy and data protection laws, including the EU/GDPR.
Also in partnership with key internal partners, develop and implement a corporate-wide data privacy risk management and compliance framework.
Support the development and assist in the implementation and maintenance of the Company's Information Governance Office’s policies, trainings and procedures consistent with leading industry practices, including local country requirements and handling of cross-border information.
Provide oversight of the Information Governance function to facilitate compliance with corporate policy and applicable laws and regulations related to the management of information (personal and non-personal), including serving as the subject matter expert to the Company on issues related to information governance and privacy.
As laws, regulations and the business environment evolve, recommending modifications to Company policies, trainings, practices or agreements relating to privacy, data protection and records management.
Provide oversight, management and direction of the organization’s corporate records and information management program in accordance with all local, state, federal and international laws/regulations.
Collaborate with and advise Company’s parent as well as sister companies and on global privacy, records management and data protection matters.
Develop privacy training materials and other communications to train employees and third parties, as appropriate, on Company privacy policies, data handling practices and procedures and legal obligations.
Performs initial and periodic privacy risk assessments (e.g. PIAs) and conducts related ongoing monitoring activities in coordination with the Company’s other risk management functions.
Works with other departments to ensure the Company has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current legal and regulatory practices and requirements.
In partnership with IT, monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.
Assist Legal department colleagues with projects and activities in areas outside of his/her primary areas of responsibility as needed to contribute to a collegial atmosphere and balance workloads.
Establishing and maintaining corporate privacy and data protection policy and business practice guides.
Providing legal advice and day-to-day assistance on Information Governance matters across the organization, including new digital and mobile initiatives.
Monitoring compliance with US and ex-US policies and laws.
Leading and managing information governance activities for the organization and act as principal liaison for such activities with colleagues in the legal departments at corporate parent, sister and affiliate companies.
Education. Minimum bachelor’s degree and J.D. from an accredited university.
Years of Experience. 7+ years of business management or compliance experience, with at least 5 years handling complex privacy, compliance or data security issues.
Demonstrated Knowledge and Skills. Understanding of world-wide compliance, privacy and data protection laws and regulations (US, European, Asia-Pacific), fair information practices and core privacy and data protection principles, direct marketing techniques, workplace monitoring, online privacy, and information security.
In-depth knowledge of US, Japanese and EU privacy laws related to the pharmaceutical industry.
Experience working in the pharmaceutical industry or a related field on healthcare/data privacy related activities.
Experience advising on mobile and digital health privacy and security matters.
Demonstrated strategic thinking skills, creative problem solving and analytical skills and verbal and written communication skills, including meeting facilitation and presentation skills.
Demonstrated ability to work in a matrix type organization; demonstrated process management and leadership skills and demonstrated time and project management skills.
Experience in deploying, managing and maintaining complex and global programs and projects.
Ability to work in a flexible, dynamic work environment.
Active within compliance, privacy and data protection professional communities.
lAPP Certifications such as CIPP/US, CIPP/E and/or CIPP/M a plus.
The Counsel, Privacy will manage one full time employee in Records Information Management, may have oversight for contractors, and will report directly to the Assistant General Counsel, Legal Affairs. In addition, the individual will be required to establish strong working relationships with key individuals outside the legal department including Human Resources (HR), Corporate Communications, Corporate Compliance, Audit, Research & Development, Information Technology and other business units.
Balancing policies and practices with different business environments and cultures encountered in different business units and in different locations in Europe and Asia.
Being cognizant of new products, services, and business transactions across such a diverse Company.
Managing information governance, privacy and data protection compliance across a global company.
Technical. Familiarity with information technology (applications and architectures) used in enterprise systems and security frameworks and policies.
Functional. Familiarity with clinical research and patient privacy data protection issues, marketing and market research, human resources, and information security frameworks and principles.
Leadership. Experience serving as senior management and leading in a matrix-managed environment.
All information (written, verbal, electronic, etc.) that an employee encounters is considered confidential.
Achieve and maintain Compliance with all applicable regulatory, legal and operational rules and procedures, by ensuring that all plans and activities for and on behalf of Sunovion are carried out with the best industry practices and the highest ethical standards.
Fast paced environment handling multiple demands. Must be able to exercise appropriate judgment as necessary. Requires a high level of initiative and independence. Excellent written and oral communication skills required. Requires ability to use a computer for extended periods of time.
Sunovion Pharmaceuticals Inc.
Website : http://www.sunovion.com
Sunovion is a global biopharmaceutical company focused on the innovative application of science and medicine to help people with serious medical conditions. Sunovion’s spirit of innovation is driven by the conviction that scientific excellence paired with meaningful advocacy and relevant education can improve lives. The Company has charted new paths to life-transforming treatments that reflect ongoing investments in research and development and an unwavering commitment to support people with psychiatric, neurological, and respiratory conditions. Sunovion’s track record of discovery, development and commercialization of important therapies has included Brovana® (arformoterol tartrate), Latuda® (lurasidone HCI), and most recently Aptiom® (eslicarbazepine acetate).