Help us shape the future. Elevate is changing the way legal support services are delivered and we are looking for creative, innovative people who can help. If you are a client-focused professional who wants your ideas to make a difference, Elevate's team of highly regarded legal service experts could be the right fit for you.
Elevate is a next generation global legal service provider that ranked 53rd on the Inc. 5000 in 2016, a prestigious annual ranking of the fastest growing private companies. We help law firms and corporate legal departments with practical ways to improve efficiency, quality and outcomes.
At Elevate we live our core values.
We deliver - We are careful about the commitments we make to our customers and to each other. We do what we say we will.
We Innovate - We celebrate creativity. We challenge the status quo and continuously ask of ourselves, and each other how can we improve.
We care - We listen to our customers’ needs and help them solve their business problems. Our work is a positive influence on our personal lives and the lives of our families.
Elevate’s client is a Global Pharmaceutical Company with offices around the world.
As an EMEA Privacy Counsel and Data Protection Officer you will ensure that the company complies with Data Protection laws and regulations, both in Europe (Global Data Protection Regulation) and elsewhere in the EMEA region.
This will involve working closely with the Global Privacy Counsel and Data Protection Officer based at the company’s Global HQ in the US and with the company’s Data Protection Working Group (DPWG) and the Corporate and EMEA Legal and IT Functions (including Information Governance and EMEA IT Security).
- Informing and advising the organization on the Global Data Protection Regulation (GDPR) and its requirements. Serving as a subject matter expert and developing and implementing a robust compliance plan.
- Supporting the Global Data Protection function in developing and maintaining relevant internal corporate policies and training.
- Cooperating with and handling communications with Data Protection regulators, and any regulatory inspections and audits in the EMEA Region.
- Liaising with the Global Data Protection function and senior management to ensure the company adopts consistent and harmonized approaches on the Processing of Personal Data.
- Maintaining a Record of Processing Activities auditable by regulators as required by GDPR in collaboration with IT and Information Governance colleagues.
- Developing and managing an audit programme to monitor and ensure compliance with all Protection policies and procedures (including working with the company’s IT Data Security function to oversee compliance of all databases and systems that process Personal Data).
- Providing advice where requested with respect to data protection impact assessments (DPIAs).
- Updating Protection notices to and approaches to obtaining consent from Data Subjects and handling subject access requests to comply with GDPR standards.
- Responding to security breaches.
- Ensuring any transfers of Personal Data to areas outside the EEA comply with appropriate laws and regulatory guidance.
- Fielding and advising on Data Protection law questions across the EMEA organization and supporting business projects and initiatives to ensure compliance.
- Experience of interfacing with data protection regulators desirable.
- Understanding of relevant legal, regulatory, compliance and business environment within the pharmaceutical industry desirable, with a commercially orientated mindset.
- Highly technically minded with an ability to analyse data protection and processing issues in the context of complex IT systems, web based technologies and other media.
- Strong leadership capabilities.
- Have (and exercise) innate good judgement, including a sound risk-assessment based approach. Excellent and effective communication, negotiation, influencing and interpersonal skills, strong but diplomatic presence.
- Commercial awareness, excellent business sense and key ability to develop practical approaches and prompt solutions.
- Teamwork, appropriate prioritisation, enthusiasm, and strong work ethic essential.
- Resilient profile with the ability to deliver in an ambiguous environment.
- Ability to engage and manage multiple stakeholders to achieve the objective.
- Operationally excellent.
- 10+ years PQE including significant EU Data Protection Law advisory experience.
- Law degree or professional legal qualification.