Site Name: Belgium-Wavre, UK – London – New Oxford Street
Posted Date: Jun 11 2025
Director, Privacy R&D and CPO
Job Purpose
A Director of Privacy for R&D/CPO ensures compliance with global data protection laws like GDPR and HIPAA. They mitigate privacy risks and safeguard sensitive health data to ensure patient privacy rights are respected and to avoid legal and reputational damage. The role fosters trust among study participants by ensuring confidentiality and ethical data handling in research. They oversee data governance, ensuring secure and appropriate use of information. The Director provides strategic guidance in product development, partnerships, and mergers, integrating privacy into innovation. They lead training initiatives to build a privacy-conscious organizational culture across R&D and CPO. The role enhances security and supports digital health initiatives. Ultimately, it protects both the company and patient interests in a highly regulated sector.
The role will also have line management responsibilities. The job holder will report to the
Head of Bioethics and CMO Oversight.
Key Responsibilities
1. Develop and implement strategies to embed Privacy by Design into R&D & CPO processes, including updating privacy inventories and conducting privacy risk assessments with appropriate mitigation controls.
2. Oversee the privacy strategy, ensuring timely review of privacy inventories and impact assessments to identify gaps, assign actions, and track progress. Address new innovative areas and review third-party processes relevant to enterprise risk.
3. Monitor privacy gaps, risks, and issues; develop risk mitigation measures, corrective actions, and report to governance bodies such as RDCB, Data Ethics and Governance Council, and relevant boards.
4. Support privacy-related training for R&D & CPO staff to foster a privacy-by-design culture.
5. Analyze and implement process changes to enhance the R&D/CPO Privacy framework.
6. Maintain communication with stakeholders, Privacy Legal, Data Privacy Officer, and enterprise risk teams to ensure alignment of global and local privacy processes.
7. Coordinate responses to Data Privacy Regulators during breaches and manage ongoing compliance and remediation strategies.
8. Oversee privacy expertise related to data and human biological sample reuse, including support to the DSAP panel.
9. Create and maintain R&D/CPO’s approach to the GSK Privacy Enterprise Risk Plan, and communicate with privacy professionals across GSK.
10. Provide risk management oversight across therapy areas, ensuring a comprehensive risk strategy and internal control framework.
11. Lead risk assessments, update risk registers, and perform root cause analyses to address control deficiencies.
12. Ensure a sustainable enterprise risk management plan is in place, with lessons learned shared across the organization.
13. Escalate relevant risks to appropriate organizational bodies and oversee escalation processes.
14. Stay updated on national and international regulatory legislation, applying this knowledge for continuous process improvement.
15. Educate and influence management and staff on compliance policies and practices, especially in privacy areas.
16. Support the development and implementation of processes, standards, and job aids for regulatory inspections and investigations.
Why you?
Basic Qualifications
* Expertise in regulation guidelines and medical governance policies applicable to R&D.
* Over 10 years of experience in privacy within the EU and outside EU, with a broad scientific/pharmaceutical background.
* Experience in implementing privacy risk controls globally.
* Proven success in enhancing internal control frameworks.
* Good understanding of privacy regulatory frameworks.
* Experience in governance activities across R&D, medical, commercial, and compliance functions.
Preferred Qualifications
* Privacy accreditation or qualification.
* Bioethical expertise and the ability to evaluate complex cases.
* Strategic and operational capability to incorporate organizational considerations.
* Results-driven with a sense of urgency.
* Excellent communication, negotiation, and presentation skills, with ability to influence at all levels.
* Problem-solving skills using knowledge, information, and networks.
* Self-motivated and capable of working independently.
* Leadership skills to motivate and develop teams.
* Experience in risk management or business with privacy focus.
If you have a disability and require assistance during the selection process, please inform us of your needs to make suitable arrangements.
Why GSK?
We unite science, technology, and talent to get ahead of disease, impacting billions of lives and delivering sustainable shareholder returns. We focus on vaccines, medicines, and the immune system, investing in core therapeutic areas.
Our success depends on our people, and we strive to be a place where everyone can thrive, feel valued, and grow. Join us at this exciting moment in our journey to get Ahead Together.
Important notice to Employment agencies
GSK does not accept referrals from employment agencies without prior written approval. All agencies must contact GSK's procurement and HR departments for authorization before referring candidates. Unauthorized actions will be deemed unapproved, and GSK will not be liable for fees arising from such referrals.
#J-18808-Ljbffr