Data Privacy Associate- Canada
Data Privacy Associate- Canada
Hybrid Work- 3 days/week from our Mississauga office
At AstraZeneca, we pride ourselves on crafting a collaborative culture that champions knowledge-sharing, ambitious thinking and innovation – ultimately providing employees with the opportunity to work across teams, functions and even the globe.
Recognizing the importance of individualized flexibility, our ways of working allow employees to balance personal and work commitments while ensuring we continue to create a strong culture of collaboration and teamwork by engaging face-to-face in our offices 3 days a week. Our head office is purposely designed with collaboration in mind, providing space where teams can come together to strategize, brainstorm and connect on key projects.
Our dedication to sustainability is also central to our culture and part of what makes AstraZeneca a great place to work. We know the health of people, the planet and our business are interconnected which is why we’re taking ambitious action to tackle some of the biggest challenges of our time, from climate change to access to healthcare and disease prevention.
Summary:
The Data Privacy Associate assists the Canadian Privacy Officer in assessing, supporting, and conducting ongoing compliance monitoring. You will also maintain the company’s compliance with data privacy requirements (policies, legislation and regulations) in a fast-changing environment; work with stakeholders to implement, operationalize, and oversee privacy requirements and compliance for all business activities and to ensure alignment between privacy function and business activities.
Typical Accountabilities:
Data Privacy of Clinical Data Subjects
Canadian privacy support for results-based scientific studies, including clinical trials, real-world evidence, and externally sponsored research studies. This includes review and guidance regarding contracts, ICFs, templates and any new study technology implemented.
Training the Business
Review, update and deliver training (in consultation with Canadian Privacy Officer, Global Privacy Office, legal, outside counsel and local resources as necessary) with respect to:
Company policy implementation
Privacy impact assessments
Data Transfer Assessments
Ongoing monitoring and enhancing risk assurance capabilities
Evolving expectations of supervisory authorities
Ensuring Company Compliance with Data Privacy Rules and Regulations
Prepares and reviews data sharing agreements and the privacy components of procurement agreements for all Canadian market activities that involve personal information as well as global reviews for activities that impact or are launched in Canada.
Proactively maintains a register of common privacy clauses and Canadian privacy requirements included in legal agreements to use as a tracking and precedent tool for upcoming contract reviews.
Provides privacy analysis for software applications, Internet of Things projects, cloud computing services, database designs and other information technology projects, including projects that involve artificial intelligence or automated decision-making.
Provides vendor risk management by assessing vendors to ensure they have proper technical and organizational safeguards to protect AstraZeneca’s interest and that of its stakeholders (including HCPs, HCO’s and patients). Consult with members of the Global Privacy Office as required on privacy impact assessments.
Maintains a register of common safeguard language in vendor agreements to expedite vendor management review.
Ensures local legal and/or regulatory requirements to enable compliant processing and transfer of personal data within the AstraZeneca Group of Companies (Affiliates) and among AstraZeneca partners/vendors.
Partner with the local or Global Assurance team within local and Global Compliance, Internal Audit, and independent auditing resources (where necessary) to monitor compliance with applicable data protection and privacy laws and broader data privacy requirements.
Supervisory Authorities
Assist with data breach management planning and devising strategies for preventing and minimizing data loss if the organization is breached. Operationalize the efficient reporting of significant and/or serious breaches (whether requiring external notice or otherwise), including advice on remediation measures.
Data Privacy Evolution
As a privacy subject matter expert for Canada, (in consultation with Canadian privacy officer, legal, external counsel and local resources as needed), conduct ongoing horizon scan on key Canadian privacy legislation in the many Canadian jurisdictions and assist with assessment of how these regulatory developments, proposed legislations, and expectations of supervisory authorities and standard processes should be implemented for Canada, while being aligned with Global policies.
Support the development of and operationalize an oversight and monitoring program for overall privacy policy noncompliance, including:
forward-looking metrics and compliance monitoring
program and policy tracking
Develops and maintains a list of data privacy requirements to ensure proper compliance with Canadian privacy laws.
Essential Education, Qualifications, Skills and Experience:
Post secondary education
Passion for Canadian privacy law and practice with the intention of acquiring a CIPP/C designation or equivalent
At least 3 years of work experience in preferably a healthcare environment
Strong subject matter expertise and experience within healthcare data privacy domain
Critical thinking skills
Change management, interpersonal, assertiveness, and negotiation skills
Strong communication skills
DesirableEducation, Qualifications, Skills and Experience:
Certified Privacy Professional Canada Designation (CIPP/C) or equivalent
Paralegal license
Experience in the pharmaceutical/healthcare industry
Experience handling external service providers
Bilingualism in French and English
Great People want to Work with us! Find out why:
Are you interested in working at AZ, apply today!
AstraZeneca is an equal opportunity employer that is committed to diversity and inclusion and providing a workplace that is free from discrimination. AstraZeneca is committed to accommodating persons with disabilities. Such accommodation is available on request in respect of all aspects of the recruitment, assessment and selection process and may be requested by emailing AZCHumanResources@astrazeneca.com.
AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorisation and employment eligibility verification requirements.
