Manager, U.S. Privacy Compliance, Global Privacy Office
AbbVie · North Chicago, IL · 2 days ago
LegalFull-time
About the role
The Privacy Manager, U.S. plays a key role in leading and advancing AbbVie’s U.S. privacy program, serving as a subject matter expert and point of contact for privacy matters, including pharmacy operations.
Responsibilities
- Provide strategic and day-to-day privacy support for commercial functions, including Aesthetics and Therapeutics, as well as corporate functions such as R&D, HR, and Operations, and related areas including incident response, data governance, and privacy strategy.
- Partner closely with cross-functional stakeholders across Commercial, Marketing, Security, Technology Solutions, Third Party Risk Management, and Procurement.
- Lead and conduct privacy impact assessments, audits, privacy reviews, and oversight of patient-facing materials, forms, scripts, notices, opt-in/opt-out mechanisms, and consent language.
- Develop, Document, and maintain privacy operations processes and procedures.
- Triage and documentation of privacy investigations and drive broader privacy operations.
- Develop a deep understanding of how data is used across AbbVie’s products and teams, and research, document, and implement privacy requirements for new products and initiatives.
- Collaborate with Legal Privacy on relevant matters as needed.
- Assist with the development and maintenance of privacy training and awareness programs for business units, new hires, and key stakeholders to foster a culture of privacy compliance across the organization.
- Monitor and assess the impact of evolving U.S. federal and state privacy legislation, regulatory guidance, and enforcement trends on AbbVie's business operations and privacy program.
- Assist with and report on privacy program key performance indicators and metrics to senior leadership, ensuring visibility into program maturity and risk posture.
- Knowledge of and ability to incorporate Privacy by Design (PbD) principles into work products, processes, and decision-making to ensure privacy, data protection, and risk mitigation are considered from the outset and throughout the lifecycle of initiatives.
Qualifications
- Bachelor’s degree required.
- Minimum of 5-7 years of direct privacy experience, with a focus on program operations and governance, risk, and compliance activities.
- Deep knowledge of U.S. privacy requirements, including U.S. state comprehensive privacy laws, U.S. state consumer health data laws, life sciences privacy concepts, HIPAA, TCPA, CAN-SPAM, and Federal Trade Commission frameworks.
- Experience with privacy matters in the digital and advertising technology ecosystem and the biopharmaceutical industry.
- Experience advising on privacy matters related to health information processing and familiarity with patient consent management, call center operations, digital outreach, and vendor oversight.
- Highly organized, detail-oriented, and analytically rigorous.
- Demonstrated ability to manage multiple concurrent projects and workstreams, with strong project management and organizational skills including experience presenting to and advising senior management on privacy matters.
- Experience working across a matrixed corporate environment.
- Ability to quickly identify issues and appropriately prioritize risk and business impact.
- Strong collaboration and influencing skills in a global organization.