Data Protection Specialist

Governance & Compliance Posted date 29 April 2021 MåløvNovo Nordisk

We are seeking a Data Protection Specialist to help us improve our management of personal data arising from research on human biosamples, sharing and processing of related research data and storing of these in IT systems.

About the department
In Global Drug Discovery (GDD), Global Research Technologies (GRT), Stem Cell and Translational Science & Medicine we are more than 1500 colleagues who work on exploring scientific ideas, testing novel concepts and full-fledged research projects which could develop into novel medicines for people with diabetes, obesity, non-alcoholic steatohepatitis (NASH), cardiovascular and chronic kidney disease and other serious chronic diseases.

Our research sites are located in Denmark (Måløv), United Kingdom (Oxford), United States (Seattle and Boston) and China (Beijing) and utilise a large network of external collaborators from biotech, academia and non-profit organisations, making our research a truly global undertaking.

In GDD Business Support, we are a team of 14 colleagues with a variety of professional backgrounds supporting our research organisation. The areas of responsibility in the department include quality and compliance, business ethics, human biosamples, GDPR, outsourcing, shipping, SOP support, regulatory submissions and general study and administrative support.

The position
In collaboration with Novo Nordisk Data Protection Office, Legal Office, our area’s Data Protection Responsible and a team of GDPR trained scientists you will work on ensuring GDPR compliance within the research organisation in Novo Nordisk.

You will contribute to the continuous evaluation of the existing data protection framework and develop materials and deliver courses tailormade for training colleagues who work with personal data in our research projects, to comply with external and internal requirements and best practices.
It will include coordination of data mapping, risk assessment, compliance documentation and actions plans to address compliance gaps. In addition, you will maintain records of all personal data processing activities.

You will liaise closely with line of business and establish process descriptions in compliance with GDPR standards focussing on implementing solutions by design. You will be serving as a subject-matter expert and provide operational guidance, data protection advice and support to the organization.

You will monitor the industry landscape to keep visibility on trends and best practices related to data privacy in a research setting. You will be part of a dynamic and collaborative team, but also work independently.
The job is based in Denmark, but interactions with our research sites are required.

You have an academic background and at least three years’ experience working with data protection laws and compliance in a research/pharma setting. You are for instance IAPP trained, e.g. CIPP/E certification or alternatively FIP or have taken GDPR master classes. You have a solid external network within GDPR and are experienced within both data sharing, deletion, transfer, access management, storing etc. in relation to data privacy requirements and can balance these to avoid additional bureaucracy in a research setting.

You are a good communicator with the ability to translate GDPR into practical use and promote a culture of data protection compliance within the organization. You have excellent English verbal and written communication skills and the ability to develop awareness and communications at all levels. You can lead training sessions and workshops. You have good interpersonal skills that naturally builds relations with colleagues and stakeholders in the organisation. You are flexible by nature and can step in and support your colleagues who work with other responsibilities if a need arises.
You are optimistic and enjoy a divergent environment where all opinions are welcome. You contribute to a nice, inclusive and humorous atmosphere.

  • Posted date 29 April 2021