Senior Privacy Manager

Abbott is seeking an experienced privacy professional to lead privacy compliance operations for its Medical Devices Divisions and functions in Sylmar. The successful candidate is a seasoned privacy professional with a proven track record in collaboratively and pragmatically directing data protection needs and issues for a multi-national company. Qualified Candidate is expected to build effective relationships with business unit leaders and other clients, and to partner with Abbott's global corporate teams. The Associate Director must be organized, process oriented, adept at managing deadlines, and capable of building strong relationships with global business stakeholders. The ability to understand and help manage multiple privacy projects reactively while simultaneously enhancing existing processes for efficiencies.

Reporting to the Global Privacy Officer for Medical Devices, this role is responsible for managing the privacy program operations, the review of privacy controls, mechanisms and protocols across the organization and product line, and supporting important global digital transformation initiatives. This team member will work cross-functionally with the Privacy, Legal, Compliance, Engineering, and Product Teams. The Associate Director must have experience with privacy by design, third-party due diligence, privacy impact assessments, and regulatory privacy compliance as well as overall operational and programmatic privacy experience.

The successful candidate will have a true passion for privacy and proven experience to: advise stakeholders on privacy risks and mitigations; evaluate control effectiveness; improve process efficiency and scalability; provide privacy consultation; track global privacy requirements including any new requirements/guidance or changes; and have the ability to synthesize data to identify patterns, draw conclusions, and prioritize remediation using risk management concepts.

• →Develop and implement standards, processes and technical solutions to ensure privacy policies are correctly implemented. The implementations should advance compliance with legal and business forms of data processing.
• →Inform and advise Abbott commercial teams of their obligations to comply with the U.S. and global data protection laws and requirements, including HIPAA and GDPR.
• →Lead privacy reviews for Generative Artificial Intelligence related matters and guide divisions with Generative AI related advising.
• →Be a member and participate in divisional Data Use and Ethics Councils.
• →Guide the development of new privacy products and features, as well as the review of in place products and technology to ensure persistence of privacy controls.
• →Identify areas of improvement in local practices relative to managing data privacy.
• →Assist with regular privacy assessments of operational processes, identifying, and mitigating risks through effective tools, training, and guidance.
• →Assist with tracking categories of privacy threats and vulnerabilities to proactively address potential future variances
• →Communicate program progress, escalations, and issue analysis to key stakeholders.
• →Increase privacy maturity in the technical and compliance teams by providing privacy education, training, and mentoring
• →Closely interact with local teams in case of regulator inquiries or addressing data subject rights and drive for delivering system related / technical information and analysis needed to work up the cases and draft responses
• →Conduct privacy risk assessments of multiple product components, and determine how to bridge between data regulations, governance, practical engineering practices, and policy practices.
• →Develop, maintain, and publish design or technical documentation to drive consistency in privacy decisions and practices.
• →Drive and develop executive-level briefings on progress across major privacy control development frameworks.
• →Ability to manage risk in ambiguous and complex situations.

• Bachelor’s degree in computer science, Privacy Engineering, Information Technology, or a related technical field.
• 7+ years of progressive privacy program management, compliance, and or program management experience (healthcare or tech preferred).
• 5 + years of experience with privacy in an engineering and or technical implementation context.

• Fluency and proficiency in privacy preserving methods and technology.
• Strong verbal and presentation skills to facilitate communicating complex topics with diverse stakeholders during trainings or meetings.
• Detail-oriented, highly organized and independent; capable of managing a wide range of diverse projects with minimal supervision.
• Significant experience implementing and managing applicable regulatory frameworks (e.g., GDPR, HIPAA, CPRA and other U.S. state laws). 

In specific locations, the pay range may vary from the range posted.