Privacy Counsel
$140,000 - $180,000/ year
Posted Nov 15 At Zimmer Biomet, we believe in pushing the boundaries of innovation and driving our mission forward. As a global medical technology leader for nearly 100 years, a patient’s mobility is enhanced by a Zimmer Biomet product or technology every 8 seconds.
As a Zimmer Biomet team member, you will share in our commitment to providing mobility and renewed life to people around the world. To support our talent team, we focus on development opportunities, robust employee resource groups (ERGs), a flexible working environment, location specific competitive total rewards, wellness incentives and a culture of recognition and performance awards. We are committed to creating an environment where every team member feels included, respected, empowered, and recognized.
Job Summary
As a member of the Zimmer Biomet Legal Department, the Privacy Counsel will drive Zimmer Biomet’s Privacy by Design efforts and compliance with privacy laws and regulations globally. The Privacy Counsel will advise Zimmer Biomet’s product and corporate teams on how to further their business goals in a legally compliant manner consistent with the company’s privacy standards.
How You'll Create Impact
- Work with the Global Privacy Officer and other Privacy team members to ensure Zimmer Biomet’s compliance with GDPR, PIPL, APPI, HIPAA, and other privacy and data protection laws around the world.
- Serve as lead privacy advisor to assigned internal corporate functions and business units to facilitate timely and effective implementation of Privacy by Design processes and to understand and evaluate privacy implications of new business initiatives, product development activities, commercialization strategies and clinical research efforts.
- Negotiate and address privacy-related issues and concerns in data processing agreements, business associate agreements, Software-as-a-Service agreements, licensing and distribution agreements, and mergers and acquisition agreements.
- Conduct privacy risk impact assessments (ROPAs, DPIAs, TIAs, etc.) and lead risk treatment action plans in collaboration with assigned business partners.
- Lead the investigation, management, mitigation and documentation of privacy incidents. Collaborate with necessary stakeholders to draft and issue any required notices to regulatory authorities or impacted individuals.
- Evaluate and respond to data subject access requests.
- Develop, manage and update privacy-related notices as well as company policies and procedures on the protection of personal data.
- Track development of worldwide privacy regulations, and present changes and potential business impacts to assigned business partners and other Privacy team members.
- Enhance systems for monitoring, auditing, and measuring the effectiveness of the Global Privacy Program.
- Assist with privacy compliance reviews, audits, and investigations.
- Conduct privacy training programs and other awareness initiatives.
- Collaborate with information security team on risk mitigation efforts, due diligence processes, and customer inquiries.
- Collaborate with Company personnel, legal counsel, and other related parties to represent the Company’s privacy interests with external parties (e.g., governmental authorities, trade associations).
- Develop external network and participate in professional organizations related to privacy and data protection.
**This is not an exhaustive list of duties or functions and might not necessarily comprise all of the essential functions for purposes of the Americans with Disabilities Act.
What Makes You Stand Out
- Develops close working relationships with clients in which corporate goals and priorities are maintained without compromising legal integrity.
- Communicates effectively to a diverse audience, at multiple levels within the Company, through various formats, e.g., presentations, written proposals, reports, correspondence, leading meetings, and face-to-face dialogue.
- Possesses knowledge of business processes within the industry, including, product development and approval, operations, marketing and commercialization.
- Understands public policy and healthcare industry developments, and the legislative and liability implications of business decisions.
- Demonstrates skills in collaboration, teamwork, and problem-solving to achieve goals.
- Demonstrates skills in verbal communication and listening.
- Expresses comfort in dealing with ambiguity. Demonstrates ability to navigate and resolve ambiguity to quickly and effectively address privacy-related risks.
- Possesses strong project management experience and skills.
- Demonstrates ability to operate in a complex, rapidly changing environment.
- Brings clarity and conciseness to written work product.
- Exhibits a high level of integrity and trust.
- Possesses knowledge of global, federal, and state level privacy and data security regulations.
- Thinks critically to resolve problems.
- Independently and in collaboration with other team members, formulates decisions and recommendations from diverse facts and information.
- Demonstrates proficiency with privacy compliance software platforms, in particular OneTrust.
Education & Experience
- JD required, plus a minimum of 3-5 years of legal work experience including at least 2 years of experience in a privacy legal role.
- Admitted to a state bar in good standing.
- CIPP certification preferred.
Expected Compensation Range: $140k-$180k plus bonus