Summary:The Associate Director, Customer Data Privacy & Consent Enablement is a business-side commercial operations role within the Commercialization AI Strategy & Analytics function, reporting to the Director, Global Consent & Data Privacy.
This role is responsible for helping BMS translate evolving privacy, consent, and customer data requirements into practical commercial processes, data requirements, and system capabilities. The role serves as a bridge between Legal, Compliance, Marketing, Omnichannel, Patient Services, Field, Market Access, IT/BI&T, data product teams, and other commercial stakeholders to support compliant HCP and patient engagement across commercial channels.
The Associate Director is not a Legal or Compliance role. Instead, the role focuses on operational enablement: understanding commercial engagement initiatives, translating business and privacy needs into clear requirements, and helping ensure those requirements are embedded into workflows, platforms, data products, consent capabilities, and reporting processes.
Responsibilities:Commercial Privacy & Consent Enablement- Translate privacy, consent, and customer data requirements into practical guidance, workflows, controls, and operational processes for commercial teams.
- Support the operational pull-through of applicable privacy and consent requirements across HCP, patient, digital, omnichannel, and third-party commercial data activities.
- Partner with Legal, Compliance, and Global Consent & Data Privacy to assess new or changing requirements and determine commercial impact.
- Help maintain operational readiness as privacy, consent, and customer data requirements evolve across applicable jurisdictions.
Commercial Data Requirements & Governance- Partner with Marketing and other commercial functions to understand HCP and patient engagement initiatives and translate business needs into data, consent, privacy, and reporting requirements.
- Support commercial data mapping and inventory activities across customer, engagement, digital, patient support, and third-party data sources.
- Ensure commercial data classifications, consent indicators, approved uses, and restrictions are reflected in relevant data catalogs, documentation, and business processes.
- Support data protection, privacy impact, and commercial data-use assessments as needed for higher-risk processing activities.
Technology & Platform Implementation Support- Provide clear business, data, consent, privacy, and reporting requirements to IT/BI&T, data product owners, and platform teams.
- Support implementation of consent, preference, notice, opt-out, data rights, and privacy-related capabilities across commercial platforms and digital properties.
- Partner with IT/BI&T and platform owners to define requirements for consent management tools, customer data platforms, commercial data products, reporting capabilities, and related system changes.
- Track implementation progress, identify operational gaps, and help coordinate remediation with relevant stakeholders.
Cross-Functional Coordination & Operational Readiness- Coordinate across Legal, Compliance, Marketing, Omnichannel, Patient Services, Field, Market Access, IT/BI&T, data product teams, and external partners to support consistent execution.
- Help convert complex privacy and data requirements into clear, usable guidance for commercial teams.
- Support training, communications, documentation, and change management activities related to customer data privacy, consent, and commercial data use.
- Maintain practical documentation, decision frameworks, and operating procedures to support repeatable and audit-ready execution.
Vendor & Third-Party Data Coordination- Support commercial vendor and third-party data assessments related to privacy, consent, data use, and contractual requirements.
- Coordinate with Legal, Procurement, IT/BI&T, and business owners to ensure vendor data practices align with BMS requirements.
- Help maintain visibility into third-party commercial data usage, restrictions, and obligations.
Qualifications:- Bachelor's degree in Business, Law, Compliance, Information Systems, Data Governance, or a related field; advanced degree or privacy certification preferred.
- Minimum 5 years of experience in privacy operations, consent management, data governance, regulatory compliance, commercial operations, or related functions.
- Working knowledge of privacy, consent, and data protection requirements as they apply to commercial, marketing, digital, HCP, patient, and third-party data activities.
- Experience translating legal, privacy, or business requirements into practical workflows, data requirements, controls, and system capabilities.
- Familiarity with consent management platforms, customer data platforms, data catalogs, digital engagement platforms, or related commercial data systems.
- Strong ability to work cross-functionally with Legal, Compliance, Commercial, IT/BI&T, data product teams, and external partners.
- Strong analytical, communication, documentation, and project coordination skills.
- Experience in pharmaceutical, life sciences, or similar healthcare-related industries.
- CIPP/US or related privacy certification preferred or willingness to obtain.
Compensation Overview:Madison - Giralda - NJ - US: $167,540 - $203,013Princeton - NJ - US: $167,540 - $203,013
The starting compensation range(s) for this role are listed above for a full-time employee (FTE) basis. Additional incentive cash and stock opportunities (based on eligibility) may be available. The starting pay rate takes into account characteristics of the job, such as required skills, where the job is performed, the employee's work schedule, job-related knowledge, and experience. Final, individual compensation will be decided based on demonstrated experience.
Eligibility for specific benefits listed on our careers site may vary based on the job and location. For more on benefits, please visit https://careers.bms.com/life-at-bms/.
Benefit offerings are subject to the terms and conditions of the applicable plans in effect at the time and may require enrollment. Our benefits include:
- Health Coverage: Medical, pharmacy, dental, and vision care.
- Wellbeing Support: Programs such as BMS Well-Being Account, BMS Living Life Better, and Employee Assistance Programs (EAP).
- Financial Well-being and Protection: 401(k) plan, short- and long-term disability, life insurance, accident insurance, supplemental health insurance, business travel protection, personal liability protection, identity theft benefit, legal support, and survivor support.
Work-life benefits include:Paid Time Off
- US Exempt Employees: flexible time off (unlimited, with manager approval, 11 paid national holidays (not applicable to employees in Phoenix, AZ, Puerto Rico or Rayzebio employees)
- Phoenix, AZ, Puerto Rico and Rayzebio Exempt, Non-Exempt, Hourly Employees: 160 hours annual paid vacation for new hires with manager approval, 11 national holidays, and 3 optional holidays
Based on eligibility*, additional time off for employees may include unlimited paid sick time, up to 2 paid volunteer days per year, summer hours flexibility, leaves of absence for medical, personal, parental, caregiver, bereavement, and military needs and an annual Global Shutdown between Christmas and New Years Day.
All global employees full and part-time who are actively employed at and paid directly by BMS at the end of the calendar year are eligible to take advantage of the Global Shutdown.
*Eligibility Disclosure: The summer hours program is for United States (U.S.) office-based employees due to the unique nature of their work. Summer hours are generally not available for field sales and manufacturing operations and may also be limited for the capability centers. Employees in remote-by-design or lab-based roles may be eligible for summer hours, depending on the nature of their work, and should discuss eligibility with their manager. Employees covered under a collective bargaining agreement should consult that document to determine if they are eligible. Contractors, leased workers and other service providers are not eligible to participate in the program.
On-site ProtocolBMS has an occupancy structure that determines where an employee is required to conduct their work. This structure includes site-essential, site-by-design, field-based and remote-by-design jobs. The occupancy type that you are assigned is determined by the nature and responsibilities of your role:
Site-essential roles require 100% of shifts onsite at your assigned facility. Site-by-design roles may be eligible for a hybrid work model with at least 50% onsite at your assigned facility. For these roles, onsite presence is considered an essential job function and is critical to collaboration, innovation, productivity, and a positive Company culture. For field-based and remote-by-design roles the ability to physically travel to visit customers, patients or business partners and to attend meetings on behalf of BMS as directed is an essential job function.