Legal Counsel Data Protection Compliance mfd

Indivumed is a biotech company focused on precision oncology. We discover therapeutically novel targets for the development of precision cancer therapeutics and strive for a future in which every cancer patient can benefit from precise therapeutic treatments.

To achieve this goal, we dedicate our skills and knowledge in cancer research to the identification, validation, and preclinical development of first-in-class therapeutics. With more than twenty years of experience and a truly unique resource based on a standardized collection process that secures a cold ischemia time of under 10 minutes, we are committed to transforming oncology and bringing the best possible therapies to patients.

Currently, we are looking for a Legal Counsel Data Protection & Compliance (m/f/d) – parttime 15-20 hrs/week as a temporary parental leave replacement for 12 months.

Your responsibilities :

• Inform, advise, and issue recommendations to Indivumed regarding compliance with data protection laws, particularly including EU GDPR, with an openness to familiarize yourself with US HIPAA data protection regulations .
• Identify business processes and systems related to the processing and storing of personal data under EU GDPR, and update and maintain the list of data processing activities.
• Generate, update, and maintain Data Protection Impact Assessments as needed under EU GDPR.
• Update and maintain the company\’s data deletion policies.
• Work closely with relevant stakeholders on the creation and implementation of data protection by default and by design measures.
• Review commercial agreements and contracts, including Data Processing Agreements with data processors and customer questionnaires regarding data protection.
• Review rollout and supervise staff awareness trainings to achieve compliance and foster a culture of data privacy within the organization.
• Help determine appropriate safeguards (including technical and organizational measures) for mitigating risks to the rights and interests of data subjects.
• Generate mandatory reports on the status of data protection in the organization.
• Cooperate with supervisory authorities and auditors as required.
• Support the organization with various regulatory and compliance matters, including biospecimen collection, access to and handling of medical data, anti-corruption and anti-money laundering regulations, and export controls.

Our requirements :

• Master\’s or comparable degree in law or business law.
• 25 years of proven experience handling EU GDPR topics, including data processing agreements, consent forms, data management contracts, and confidentiality agreements.
• Experience as DPO is a plus.
• Clear affinity towards IT digitization and data-driven business.
• First experience in pharma or biotech industries is a plus.
• Open-minded and quick to grasp new tasks and topics.
• Team-oriented with a hands-on and service mentality.
• Excellent communication and presentation skills, fluency in English (written and oral), and very good command of German (C1/C2).

Benefits include a demanding area of responsibility in a fast-growing company, subsidies for public transportation and sports memberships, company pension scheme, refreshments, social events, language courses, 30 days holiday, and holiday days on Christmas and New Year\’s Eve.

Would You Like to Contribute to the Success of Our Company?

Please apply online, including your salary expectations and current notice period. Use our \’Apply now\‘ button here!

Key Skills

Employment Type : Full Time

Experience : 25+ years

Vacancy : 1

#J-18808-Ljbffr