Evinova - Data Protection Officer

Location: Barcelona Spain (Onsite) / 3 days working from the office

or Baar Switzerland (Onsite) / 3 days working from the office.

Evinova is a healthtech business accelerating the delivery of better health outcomes by propelling the life sciences sector forward in digital health from the inside. Through our application of sciencebased expertise evidenceled rigor and human experiencedriven insight our digital solutions are deliberately designed so that everyone can reach better health outcomes together. Evinova is a healthtech business within the AstraZeneca Group.

Introduction to Role:

The Evinova Data Protection Officer (DPO) provides both strategic oversight to meet Evinovas regulatory privacy responsibilities and practical daily privacy support to meet the demands of Evinovas growing global healthtech business and expanding customer base.

This is a unique opportunity for an ambitious and intellectual curious privacy expert to play a pivotal role in supporting Evinovas growth trajectory.

As part of a small legal and compliance team the role reports directly to the Evinova Chief Legal and Compliance Officer (CLCO) working closely with the Evinova Chief Operating Officer Evinova Head of Cyber Security and Evinova Leadership Team.

The DPO will be the central point of contact for data subjects and supervisory authorities in relevant markets including in the EU and Switzerland. In addition this role is responsible for global horizon scanning and providing advice and oversight based upon strong subject matter expertise.

The DPO will work with the CLCO to raise privacy capability across Evinovas organisation setting up policies frameworks and governance as needed to help establish a strong first line of privacy defence across the business. Further the DPO will ensure privacy aspects of Evinova customer audits are fully supported and may support privacy aspects of contract negotiations with new customers.

Accountabilities

Evinova representative for data subjects and supervisory authorities:

• Point of contact for supervisory authorities related to Evinova data processing activities and data subjects
• Maintain required licenses registrations and other local regulatory requirements to enable compliant processing and transfer of personal data within the Evinova Group and among Evinova partners/vendors
• Oversight of responses to subject access requests
• Ensure support to data protection impact assessments and serve as contact to authorities as required on data protection impact assessments and other privacy impact assessments
• Reporting of significant and/or serious breaches (whether requiring external notice or otherwise) including advice on remediation measure related oversight and trend analysis
• Partner with Evinova Chief Operating Officer Evinova Head of Cyber Security and Evinova Head of Quality and Audit (where necessary) to monitor compliance with applicable data protection and privacy laws and help develop a robust privacy training programme for the Evinova workforce

• Horizon scanning for key jurisdictions globally including China in consultation with legal external counsel and local resources as needed)
• Collaborating with key stakeholders from product quality compliance IT and the Evinova Business to fufill his/her responsibilities and to foster a global privacy mindset across Evinova
• Support privacy aspects of customer contract negotiations including drafting of data processing agreements and appropriate international transfer mechanisms

Crucial Skills/Experience:

• Legal degree or qualifications with 10 years experience in privacy law and/or Data Privacy Programs.
• Indepth knowledge of GDPR EU/EEA local data protection legislation UK Privacy Act and UK GDPR familiarity with US China and other local data privacy regulations
• Significant experience and knowledge of privacy program elements and best practices/tools

• Significant experience in either the technology and/or life sciences sector with prior experience supporting digital health products
• Excellent analytical written and oral communications skills
• Strong collaborative partnering and interpersonal skills ability to influence across different levels and sectors of the organisation including at Board level
• High ethical standards trustworthy operating with absolute discretion
• Demonstrated ability to remain independent and objective while collaborating effectively with stakeholders
• Comfortable operating in ambiguity in a fast paced work environment

Date Posted

Closing Date

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds with as wide a range of perspectives as possible and harnessing industryleading skills. We believe that the more inclusive we are the better our work will be. We welcome and consider applications to join our team from all qualified candidates regardless of their characteristics. We comply with all applicable laws and regulations on nondiscrimination in employment (and recruitment) as well as work authorization and employment eligibility verification requirements.