We are looking for a UK Privacy Lead who will be responsible for leading and overseeing the implementation and ongoing operation of the Global Privacy Program in the UK market. The role will report to the Head of Governance, Process Assurance in our Human Health division, with a dotted line to UK Country Leadership team. The incumbent will lead on privacy matters and will manage, through a matrix structure, a network of privacy stewards embedded in all our divisions across the UK. The role will also serve as the primary contact with the Global Privacy Office for bi-directional communication between the GPO and the UK market. The role will also support the EU Data Protection officer with certain DPO related activities for the UK market.
The selected candidate location for this role must be within the UK. Travel for this role will be 5 – 10%. There will be some travel for assigned internal and external engagements within the UK and may include limited travel for meetings within the EU.
Key Responsibilities:
* Responsible for leading and overseeing the implementation of the Global Privacy Program in the UK
* Maintain a good understanding of the business goals of the UK Market across multiple MSD organisations and lead the relevant Privacy elements required to deliver the business goals.
* Understands MSD’s evolving business priorities of the UK Market across multiple MSD organisations and provides Privacy guidance, advice, and issue resolution for the Company’s collection and use of Personal Data to deliver business goals
* Maintain a good knowledge of all relevant UK Data Protection Laws and as MSD UK’s Privacy expert, advise the business and GPO on these laws.
* Support the Privacy Stewards in fulfilling the roles and responsibilities of a Privacy Steward for the GMSA and AH Organisations.
* Still serve and lead the Privacy Steward role and remain the key contact for the HH organisation
* Serve as the primary contact for privacy related matters for the HH, GMSA and AH Organisations.
* Lead a matrixed network of Privacy Stewards across all relevant MSD legal entities in the UK.
* Provide expert Privacy leadership and strategy to the Human Health, Animal Health and GMSA and GSF organisations.
* Provide Privacy expertise across all other MSD UK legal entities as required.
* Maintain our registration fees with the UK Information Commissioner’s Office
* Lead and undertake the privacy compliance monitoring activities across the UK and guide the privacy stewards on any remediation tasks where needed. This would include activities such as a robust internal audit process, a regular review of cookie requirements on our locally owned websites, creating guidelines/SOPS, privacy notices as required.
* Periodically report to the UK Country Leadership Team on the status of privacy compliance
* Monitor the UK DPO mailbox as the UK primary designated point of contact.
* Perform the annual DSPTT submission required for our local data generation studies.
* Support with the review of Privacy Impact Assessments (PIA) and Data Protection Impact Assessments (DPIA) where required.
* Ensure all data subject requests (DSR) are actioned accordingly and continue to expand the mapping across the UK, where relevant
* Conduct activities in the UK in line with the responsibilities of the UK Data Protection Officer
* Support for Ireland affiliate as required.
Skills & Experience:
* A Bachelor’s degree or equivalent qualifications/experience
* Certified Information Privacy Professional - Europe (CIPP/E) Required
* Certified Information Privacy Manager (CIPM) Required or be willing to undertake the training
* The candidate must be able to demonstrate a good understanding of all the UK Data Protection laws.
* The candidate must be able to demonstrate how they balance business objectives against compliance with privacy laws.
* The candidate must be able to demonstrate clear communication and good team working skills.
* The candidate should have 5-7 years’ experience in the pharmaceutical industry, in any role with direct privacy experience, as well as proven experience managing sophisticated, complex cross-organizational programs.
* Ideally, the candidate will have served in a broad compliance or privacy business role within the Pharmaceutical or Animal Health industries.
* A Bachelor’s degree or equivalent qualifications/experience
* Certified Information Privacy Professional - Europe (CIPP/E) Required
* Certified Information Privacy Manager (CIPM) Required or be willing to undertake the training