Associate Director, Global Data Privacy Counsel

Tarrytown, New York, US
May 12, 2018
Required Education
Position Type
Full time
Position Summary

Known for its scientific and operational excellence, Regeneron is a leading science-based biopharmaceutical company that discovers, invents, develops, manufactures, and commercializes medicines for the treatment of serious medical conditions. Regeneron commercializes medicines for eye diseases, high LDL-cholesterol, atopic dermatitis and a rare inflammatory condition and has product candidates in development in other areas of high unmet medical need, including rheumatoid arthritis, asthma, pain, cancer and infectious diseases.

The Associate Director, Data Privacy will support our growing organization ensuring full compliance with all applicable privacy laws and regulations globally. In particular the individual will be responsible for developing and enhancing the Company's global privacy program. The position will interact with departments across Regeneron.


Build & Improve the Company's Privacy Program
  • Develop and coordinate an organization-wide privacy risk management and compliance framework and governance structure by undertaking a comprehensive review of the Company's data and privacy process and procedures for each applicable business function to ensure that they are consistent with relevant laws and regulations and the Company's privacy and data security goals and policies
  • Develop, manage and assist in the implementation and maintenance of the Company's information privacy policies and procedures to ensure that business activities are consistent with them
  • Provide leadership in the design and evaluation of privacy and security related projects so that new business activities are developed with privacy by design principles in mind
  • Establish a mechanism to track access and retention of protected health information maintained by the Company
  • Periodically revise the privacy program to reflect changes in laws, regulatory or Company policy and accreditation standards, and monitor advancements in information privacy technologies to ensure organizational adaptation and compliance, as needed
  • Develop privacy training materials and other communications to train employees and third parties, as appropriate, on company privacy policies, data handling practices and procedures and legal obligations
  • Collaborate with internal audit to establish an internal and external privacy audit program

Intra-organizational Collaboration
  • Work with business teams and senior management to ensure awareness of "best practices" on privacy and data security issues
  • Collaborate on cyber privacy and security policies and procedures
  • Interface with Senior Management to develop strategic plans for the collection, use and sharing of information in a manner that maximizes its value while complying with applicable privacy regulations
  • Assist business units with development of tools and methodologies to ensure ongoing compliance
  • Provide strategic guidance to corporate officers regarding information resources and technology
  • Assist the Chief Information Officer with the development and implementation of an information infrastructure
  • Serve as the information privacy liaison for users of technology systems
  • Act as a liaison to the information technology department
  • Collaborate with the legal department on privacy issues relating to business partner contracts and product-related activities
  • Collaborate with the Compliance Investigations Team to develop a process for receiving, documenting, tracking, investigating and taking action on all privacy related complaints

Data Governance
  • Assure that the use of technologies maintain, and do not erode, privacy protections on use, collection and disclosure of personal information
  • Monitor systems development and operations for security and privacy compliance
  • Conduct privacy impact assessments of proposed rules on the privacy of personal information, including the type of personal information collected and the number of people affected
  • Conduct periodic information privacy impact assessments and ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions including the Compliance Monitoring Team
  • Review all system-related information security plans to ensure alignment between security and privacy practices
· At least 5 years of experience in the privacy profession, with at least five years working in or with pharmaceutical companies on healthcare privacy related activities
· In-depth knowledge of US and EU privacy laws related to the pharmaceutical and clinical research industry
· Experience with building and implementing a global privacy program
· Pharmaceutical and/or biotech experience required
· High level of influencing skills and the ability to drive change as it relates to implementing remedial actions

The ideal candidate will thrive in a highly collaborative, team oriented environment. He/She must have excellent interpersonal and conflict resolution skills.

Requisition Number: 8397BR