The VP of Data Protection is responsible for developing, implementing and overseeing data privacy, data pro-tection, and data retention including the Global Data Protection Program (GDPR) across Stericycle. The duties include ensuring Stericycle complies with the European Union’s GDPR and other applicable data privacy laws and regulations, both current and future. The VP will ensure Stericycle uses data retention and protection poli-cies and controls as a business enabler and manages reputational risk that can arise from data protection mis-haps or compliance failures.
This position requires the ability to understand and address complex compliance and privacy issues, equate the resolution of issues to Stericycle plans and objectives, and plan and manage remediation or implementation projects. This role will apply global IT industry best practices, enabling Stericycle to instill the business with new insights regarding global data, business risk, compliance, and information security.
Key Position Activities:
1. Act as Stericycle’s global leader on data privacy, data regulations, issues relating to data privacy compli-ance, and cooperate with relevant Data Protection Authorities (DPAs).
2. Define Stericycle policies and guidelines governing data privacy and ensure their consistency with other relevant statutes, policies and guidelines.
3. Responsible for Stericycle’s GDPR-required policies governing topics such as Data Retention, Data Privacy by Design and Data Privacy Impact Assessments.
4. Advise and assist in the resolution of any GDPR-related vendor or customer contract issues.
5. Guides development and operation of Stericycle’s Privacy Framework, including operation of the Stericycle Data Privacy Committee.
6. Liaise with senior management and stakeholders to ensure the delivery of the Global Data Protection Pro-gram.
7. Monitor the status and effectiveness of Stericycle privacy controls and coordinate data privacy audits. Oversee periodic data risk assessments and audits to ensure that information systems are adequately protected to meet all appropriate requirements.
8. Contribute to risk evaluation when a data breach occurs to ensure Stericycle responds in a timely manner that is consistent with statutory, regulatory, and contractual obligations.
9. Support and contribute to Stericycle’s ongoing security and training awareness program to promote a data protection culture throughout the Stericycle.
10. Define and perform risk assessment processes intended to evaluate the risk to data from a privacy standpoint.
• Minimum of 5 years of experience with Global Privacy Laws, best practices/ industry standards and solid knowledge of GDPR
• A proven record of dealing with complex projects and meeting conflicting demands
• Practical experience in working on data and application system projects
• Strong customer focus and proficiency in prioritizing projects and demands
• Ability to develop policies and procedures in clear, non-technical language
• Excellent communication skills
• Strong analytical and creative mind
• Experience in working in an international business environment
• Data Privacy certifications or relevant legal certifications and specialties a plus.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.