Overview
Eucalyptus is building a preventive healthcare ecosystem. The Privacy Program Lead will join the Trust Team (IT, Cybersecurity and Infrastructure) to manage a global privacy program that protects the dignity of patients using our healthcare services. This role reports to the Head of Security and Infrastructure and works closely with the Legal team.
What You’ll Be Doing
* As Privacy Program Lead, oversee our data privacy program and lead its design and implementation to meet EU/UK GDPR and PECR requirements. Collaborate with legal and compliance teams to design and implement processes that manage risk while enabling innovation.
* Manage data governance tooling and processes. Maintain data governance policies, processes and tooling. Manage the Record of Processing Activities (RoPA) for new and existing data processing.
* Manage data subject rights. Oversee policies, tooling and processes to enable efficient handling of DSARs and data deletion requests.
* Manage third-party supplier risks. Lead privacy risk assessments for vendors and software providers as part of procurement; define contractual terms to protect patient data privacy. Conduct DPIAs and TRAs with cross-team collaboration and ensure actioning across the business.
* Act as a strategic advisor on security and privacy. Advise on data protection and information security obligations and support privacy-by-design across projects.
* Create a privacy-aware culture. Lead training and awareness initiatives to ensure staff understand data protection responsibilities, especially within HR, Engineering and Clinical teams.
Skills & Experience
* Extensive experience in the operational application of EU and UK privacy law, including GDPR and UK PECR.
* Experience establishing or maintaining a data protection compliance program (DPIAs, DSARs, training, vendor assessments, monitoring compliance). Methodical task tracking and continuous improvement in data protection compliance.
* Risk-based approach to privacy that balances compliance with cost and efficiency.
* Experience developing and facilitating privacy or security awareness training for non-technical audiences.
* Excellent written and verbal communication, with ability to explain technology risks to diverse audiences and influence stakeholders at all levels.
* Privacy and/or information security certifications (e.g., CISSP, CISM, CIPP/E, CIPM) are desirable.
Behaviours & Attitudes
* Strong business analysis and partnering skills with the ability to build relationships across the organisation.
* Problem-solving orientation and comfort with ambiguity; connect day-to-day work to larger objectives.
* Continuous learner who seeks new perspectives and embraces the learning curve in diverse health domains.
Why Join Eucalyptus?
* Make a real impact and contribute to a fast-growing, mission-driven company.
* Support for career development, including regular feedback, performance reviews, a development budget, and leave support.
* Collaborative environment with autonomy to tackle meaningful problems and a focus on patient outcomes.
* Benefits include employee options, wellness allowance, development budget and additional leave, 25 days + holidays with enhanced parental leave, and equipment like a MacBook.
* Access to team insights and social opportunities as part of a vibrant workplace culture.
At Eucalyptus, we value individuals from all backgrounds and perspectives. If you require reasonable adjustments during the interview process, please let us know.