Job Title Data Protection Attorney
Category Sales and Related Workers, All Other
DATA PROTECTION ATTORNEYAllendevaux & Company is seeking an experienced data protection / privacy attorney to join its growing team. The purpose of the role is to work with a distributed base of clientele as an objective legal advisor to identify and evaluate privacy compliance issues. You will provide subject matter expertise along with a team of experienced privacy professionals, designing corporate privacy training and monitoring regulatory trends. Your contribution will enable businesses to protect the privacy of stakeholders including employees, customers, vendors and others.The role will report directly to a senior partner at the firm. Due to the pandemic, this is a teleworking role supported by daily meeting participation over videoconference. Normally travel is customary to support onsite meetings, but nearly all travel has been suspended as of this writing. Should have a home-based office that is fairly insulated (within reason) from distracting noises, with access to stable Internet connectivity.Personal Characteristics and Skills
- Attention to detail and consistent high standard of work.
- Comfortable with ambiguities that need problem-solving.
- Good time management skills with the ability to prioritise workload with a flexible approach to ensure deadlines are met.
- Substantially well-developed written and oral communication skills in English, with the ability to use footnotes, bibliographic references, documentation styles and mature layout.
- Design global data privacy strategies and lead efforts to comply with relevant privacy and data protection laws in various jurisdictions, especially the European Union.
- Provide legal expertise on interpretation and application of data protection law.
- Design and implement strategies to enable intra-company and cross-border data transfers, understanding case law such as Schrems II decisions.
- Understanding of data privacy issues relating to data storage and IT infrastructure.
- Draft, review, and implement company-wide privacy related policies, procedures and controls; adjust policies and procedures to reflect latest developments in privacy globally.
- Scope and perform periodic data privacy risk assessments including DIPAs, mitigation and remediation, including data control design and monitoring, as well as the mitigation of privacy and security risks.
- Strategically advise on the development of new services or enhancements to existing services to ensure privacy by design and privacy by default principles.
- Support HIPAA risk assessment and companys compliance obligations as a HIPAA Business Associate.
- Provide support and guidance to investigations and security teams to enable compliance with privacy laws when transferring or analysing data.
- Provide privacy and data protection issue spotting and advice for ethics hotline reports.
- Support contract negotiation and drafting for complex privacy and data protection issues.
- Design training courses for privacy and data protection, including annual company-wide Privacy and Data Protection training.
- Provide support to M&A team for privacy and data protection topics. Work with management, functional leaders and business leaders to formalize, implement and maintain privacy compliance policies and procedures and to ensure compliance training is completed.
- Coordinate with internal audit to conduct periodic assessments of the effectiveness and performance of companys privacy compliance program.
- Juris Doctorate; Advanced degree (PhD) is also desirable.
- 5-8 years professional experience in a role involving privacy compliance.
- CIPP/E, CIPM, CISM certifications