The Data Privacy Technologist will support the organization in EU GDPR compliance, aligning with global Data Privacy efforts. This role plays a key part in helping the organization meet the highest standards of Data Privacy Compliance, with a focus on de-identification and anonymization procedures for personal data (e.g., patient, physician) within SHS Business Units.
Tasks and Responsibilities:
- Define de-identification and anonymization procedures for patient data collected in cooperation with healthcare organizations.
- Identify direct and indirect identifiers, perform risk assessments of data sets, and calculate re-identification risks, advising on mitigation measures.
- Discuss data needs with internal stakeholders, ensuring adherence to data privacy regulations while retaining data usefulness.
- Apply the data avoidance and data minimization principles to differentiate between personal and anonymized data.
- Stay updated with advancements in technology, particularly in re-identification methods (e.g., AI), and take corrective actions as needed.
- Work closely with the Data Privacy compliance organization, data owners, and the R&D teams.
- Contribute ideas to improve data handling processes within the company.
Qualifications and Experience:
- University degree in statistics, computer science, data science, or mathematics.
- Expertise in processing personal data and anonymization techniques (e.g., pseudonymization, obfuscation, k-anonymization, hashing, encryption).
- 2-3 years of experience in a Data Privacy role with sound knowledge of GDPR and other data protection regulations (e.g., HIPAA).
- Experience in minimizing and de-identifying healthcare data, familiarity with healthcare image data formats (e.g., DICOM, HL7).
- Experience interacting with Data Protection Authorities, Regulators, or Government Agencies is preferred.
- Certifications such as CIPP/E, CIPT, CIPM(GDPR), DCPP are a plus.
Profile and Skills:
- Strong analytical and statistical skills, with the ability to explain complex issues clearly and logically.
- Willingness to take responsibility and act solution-oriented between business and legal standpoints.
- Demonstrated ability to collaborate in a cross-functional, cross-cultural matrix environment.
- At least 2+ years of experience working with multinational teams.
- Proven stakeholder management and influencing skills.
- Ability to demonstrate decisiveness and sound judgment consistently.
- Ability to manage multiple projects simultaneously and prioritize effectively.
- A team player, confident in communicating with internal stakeholders and external parties (e.g., government officials).
