• University degree qualification or equivalent tertiary education qualification
• Professional qualification as a lawyer and licensed to practice as an in-house in an EU country, in the US or in another country with significant privacy laws.
• Minimum of 5 years relevant experience practising as a lawyer including experience of advising on the application of data privacy laws to a variety of business projects and issues.
• Knowledge and experience of how in-house lawyers serve the employer client
Pharmaceutical Industry experience helpful.
The Privacy Counsel, as part of a team reporting to the Global Privacy Counsel, will provide legal advice from both a national and global perspective to enable GSK to operate in accordance with all applicable data privacy laws, including advice in support of innovative projects and in support of the operation of the new Privacy operating model.
Working as part of the team reporting to the Global Privacy Counsel, the Privacy Counsel will:
• Provide strategic advice to GSK business units and global support functions on innovative projects, to ensure that privacy by design is embedded in the project. This advice will be based on an in-depth knowledge developed by the Privacy Counsel of the governance of key types of personal information used within GSK’s business (employee, patient, consumer and HCP).
• Advise on legal questions arising from Privacy Impact Assessments for individual projects, including projects involving international data transfers.
• Advise on GSK’s response to data breaches, investigations and complaints.
Support to the Privacy Operating Model
• Know-how management: develop and maintain a central know-how repository to provide a baseline working knowledge of global privacy laws within the Global Privacy Counsel team.
• Regulatory Change impact management: review and interpret new laws, official guidance and case law to identify potential impact on GSK’s operations, and work with the Regional Privacy Officer and Privacy Leaders for the relevant business units to determine changes required to GSK strategy and/or written controls.
• Advise on the development and maintenance of GSK’s written controls on Privacy, and on requests for exceptions to those controls.
• Advise on the development of guidance and templates for specific Business Unit activities.
• Advise on the privacy aspects of GSK’s oversight of third parties, including the maintenance of standard contractual language for use by GSK with third party suppliers or business partners, and on standard due diligence requirements.
• Contribute to the development of training for GSK employees generally, and develop training as appropriate for the Legal Department
• Actively participate in external forums on privacy issues affecting the Pharmaceutical Industry.