Sr. Privacy Counsel - The Americas
Baxter
- Deerfield, IL
- Permanent
- Full-time
- Act as the main advisor and subject matter expert for the Americas, and support the initiatives, projects and products assessments providing practical, timely, strategic, and high-quality legal advice on data privacy and roll out under Global Privacy Laws.
- Provide pragmatic legal advice on data driven projects including mobile applications, artificial intelligence, data analytics, software as a medical device.
- Strategically assess potential privacy risks with innovative new initiatives and develop appropriate controls, training, and guidance to ensure compliance with applicable privacy laws and Baxter’s Privacy Program.
- Monitor developments in global data privacy laws (and related legislation and industry practices). Support operationalization of compliance with regional and local laws such as HIPAA, CCPA/CPRA, state laws, and/or local laws in the geographies.
- Drive Baxter’s Privacy compliance efforts and milestones, while building a culture of privacy.
- Attend or facilitate the Privacy Office meetings and act as the first point of contact for the country Local Privacy Champions (LPCs) in the region.
- Be able to act independently and provide expert legal advice and counsel to Baxter on privacy matters.
- Partner and interact closely with business and/or functional leaders and/or teams in the identification of privacy related issues and support in the efficient resolution.
- Identify areas of vulnerability and risk and undertake corrective plans to resolve the issues.
- Create awareness and perform trainings, as needed, following the Baxter Privacy Office Curriculum and functional needs.
- Conduct or support internal investigations of allegations of potential data breaches.
- Manage data subject requests as per privacy laws.
- Conduct privacy impact assessments as required in the geographies under the supervision of Baxter Privacy Office.
- Draft and negotiate Business Associate Agreements and/or Data Processing Agreements, as applicable, with Baxter’s vendors and customers.
- Perform due diligence exercises on Baxter’s potential partners from a data protection compliance standpoint.
- Maintain up to date privacy expertise, skills, and competency regarding evolving laws, regulations, guidance, and directives impacting Baxter internationally.
- Law Degree from a US jurisdiction and bar membership.
- 7+ years of professional experience in an international company or in an international law firm in the area of data protection. The ideal candidate will have experience gained from a mix of law firm private practice and in-house positions in companies engaged in the health/life-sciences sector.
- Healthcare experience required. Medical Device and international experience strongly preferred.
- Expert knowledge of global data privacy laws (such as HIPAA, CCPA/CPRA, PIPEDA, and working knowledge of the GDPR).
- Experience in managing data incidents and breaches.
- Proven experience with counseling business clients on an international level.
- Ability to work independently and navigate ambiguous legal issues.
- Proven track record in working with others in addressing privacy issues in a pragmatic way and within complex organization environment.
- High degree of accountability, professional motivation, and drive with the resulting ability to thrive in a results-oriented culture while driving excellence to optimize the execution of transactions.
- Proven history of proactively identifying and researching legal risks and issues and effectively counselling clients regarding same providing actionable risk mitigation strategies.
- Strong ability to work with and coordinate activities across a large number of individuals across various functional areas and effectively communicate the impact of law and regulation on business operations in a solutions-oriented manner.
- Fluency in English. Ability to work in French or Spanish will be considered as a plus.