🌎
This job posting isn't available in all website languages
📁
Legal
📅
21000AEU Requisition #
Careers that Change Lives
 
The Americas Legal Director provides a broad range of leadership and direct support and execution for the design, development, coordination, implementation and ongoing management of Medtronic’s global data protection and privacy program that covers all Medtronic businesses and functions in the AMERICAS region.   
 
A Day in the Life
Key responsibilities include:
  • Lead by example to model a culture of ethics and integrity; exercise sound judgment and courage as a trusted advisor to the business and to the team;
  • A role model among leaders, displaying personal integrity and ability to affect change.
  • Foster ethical culture, including “tone at the top” and “tone in the middle” through strategic influence and leadership.
  • Lead Counsel on Data and Privacy for the Region
  • Overall accountability for Data and Privacy regional  program process, performance, and customer satisfaction.
  • Implements Operational Work @ Local Level: 
Regional Policies & Standards
Collaborate with key stakeholders in region to develop, obtain required approvals, and implement data protection and privacy policies and procedures that meet legal, regulatory and business requirements; collaborate with regional and business privacy professionals and business leads to develop and obtain approvals of regional or business level data protection and privacy policies as necessary;
Implement and operationalize Global Policies and standards in region
Local Training:
In cooperation with Privacy Operations, collaborate with stakeholder partners to develop and implement a global data protection and privacy training and awareness program in region that address data protection and privacy requirements for employees, contractors and vendors as appropriate; ensure standards and processes to monitor individual completion of mandatory training and escalate as necessary;
Regional governance:
In close cooperation with Privacy Operations, collaborate with regional leadership to establish, refine and manage effective data protection and privacy governance activities such as the establishment and management of an executive level governance board, communication, routine and ad hoc meeting management, reporting, notification and escalation, program management, and meeting administration;
Customize Templates and Tools to regional requirements 
Ensure that the organization has and maintains appropriate data protection and privacy model documents in accordance with regional requirements, such as notices, consents, authorization forms, contract language, business associate agreements, and other similar required documents; develop and maintain model document development, review, approval, maintenance and exception procedures for these types of privacy documents;
Triage advising and assessment work to Global team or OU Privacy Specialists, or keep and execute in regional team.
In cooperation with Privacy Operations, develop and manage requirements, standards and processes for conducting privacy impact assessment and/or business consulting activities to be conducted by the regional team, or by the Privacy Operations with support of regional team and other key stakeholders; these assessments and consulting activities may include new product development, material changes to existing products, third party vendor privacy assessments and business consultation requests;
Engage in regional Privacy by Design and bespoke advising in accordance with global policies and procedures;
Provide data protection and privacy program and requirements subject matter expertise as key resource to Operating Units, partner functions, and other key stakeholders in region. 
Compliance associated with local law
In cooperation with Privacy Operations, develop and manage processes and procedures for identification and implementation of new legal requirements relating to data protection and privacy impacting Medtronic businesses.   Provide communication and guidance to COE as well as OU, functional and partnering teams in region for implementation of identified requirements.  Collaborate with stakeholders to test implementation effectiveness for high risk implementation activities as appropriate 
Drive regional/country action plans (GDPR; POPIA;  data localization projects; …)
Coordinate local notifications to authorities
Support certification activities in the Region; lead local Code of Conduct initiatives, monitor compliance
Regional incidents and Data Subject Requests
In close collaboration with Privacy Operations and other key stakeholders, support incident response management, root cause analysis and remediation for privacy incidents and regulator/ government privacy issue inquiries and requests as necessary
Collaborate with Privacy Operations and partnering legal functions to define standards and processes for response to individual rights requests such as data access requests, accounting of disclosures, the right to inspect and copy, restrictions on disclosures, opt-in or opt-out requirements and other related individual rights; execute in region, where needed with support of OU Privacy partners
Support Regional M&A related work 
Remediation:
Ensure remediations adequately and timely resolved
Foster strategic partnerships with multiple key internal and external high-level stakeholders, such as executive leadership.
Local Monitoring
In close cooperation with Chief Privacy Counsel, point of Contact for Risk Partners to support regional coordination and alignment of risk management activities relating to data protection and privacy requirements;
In close collaboration with the Sr. Legal Director, Global Data & Privacy Programs and Privacy Operations, implement and manage effective reporting processes and standards; develop and implement routine and ad hoc management and governance reporting and metrics;
As requested, support execution of a risk based annual plan and routine reporting that is approved by Chief Privacy Counsel.  This plan addresses, at a minimum, key Program activities and enhancements, department or organizational commitments, and program-based mitigation projects anticipated by the Global Program leadership; resources, prioritization and budget implications will be identified in development of the plan;
As requested, support periodic internal Program assessment that results in program enhancement, mitigation and remediation activities as appropriate;
Appoint and oversee Regional and country-level DPO (Data Protection Officer) where required
Local record keeping and reporting
complete and up to date GDI and DMA
Regional customer go-to-model
Support go to market
Support customer discussions on privacy
Provide regional support to Privacy Operations including budget planning and monitoring, resource management, talent management, performance management, coaching/mentoring, and function metrics and reporting;
Represent Regional Needs on Global Leadership Team
People Manager for Regional Team
In close cooperation with Sr. Director, Global Data Strategy and Governmental Affairs, engage in regional advocacy and policy shaping initiatives, and take up roles in  Regional Trade Associations

 
IN ORDER TO BE CONSIDERED FOR THIS POSITION, THE FOLLOWING BASIC QUALIFICATIONS MUST BE EVIDENT ON YOUR RESUME
MUST HAVE:

Law Degree from a well-regarded and accredited university and a 8+ years as a practicing lawyer with specific experience in data protection/privacy requirements, laws and regulations in the US; 7+ years of managerial experience; and 3+ years in comparable program leader role with privacy strategy and  experience in privacy or operations within a global, multi businesses and services organization
Knowledge of and experience providing legal advice and business solutions relating to EU data protection and privacy laws and regulations – with specific expertise relating to health data requirements; 
Experience providing legal advice, support and business solutions for a data protection, privacy, security, or equivalent function directly or indirectly for a large, regulated and matrixed organization;
Prior compliance oversight of complex systems responsibilities preferred, as well as experience in the healthcare industry (particularly medical devices).
Prior success in effectively identifying, assessing and prioritizing compliance-related risks, such as through risk assessment, policies & procedures, training, monitoring, and remediation actions.
NICE TO HAVE:    
Seasoned legal professional with 12+ years  as a practicing lawyer
Legal experience in the medical device, pharma or healthcare industry 
Legal experience in advising on direct-to-customer (B2C) business models;
Ability to manage and execute multiple complex projects (including those with systems responsibilities) across multiple stakeholder groups within required timelines and expectations required.
Understand complex and diverse compliance environments and ability to work effectively with multi-divisional teams in different locations / businesses / geographies to ensure compliance particularly in matrixed and/or multinational organizations.
Ability to work effectively in a team environment and build strong working relationships, involving multiple business functions, units, and/or geographies.  
Ability to identify high risk situations and provide appropriate guidance, including the ability to make courageous and unpopular decisions.    
Ability to make an impact and influence at all levels of employee and management groups, including executive leaders, to implement compliance program initiatives.
Strong ability to influence across functions and Operating Units to negotiate and gain cooperation on operational issues and internal divergent objectives
Demonstrated results orientation (driving to deadlines, financial targets, project goals, etc.)
Proven execution under pressure and ability to maintain positive, enthusiastic attitude.
Demonstrated ability to work on multiple competing priorities simultaneously;
Demonstrated ability to work across a matrixed or virtual organization and still meet objectives 
Experience and demonstrated ability to present to a variety of audiences including the ability to translate technical information 
Exceptional interpersonal, oral, presentation, and written communication skills, including to senior leaders/executive audiences.
About Medtronic
Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life.  We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.

We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let’s work together to address universal healthcare needs and improve patients’ lives. Help us shape the future.

Physical Job Requirements

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Minneapolis, Minnesota, United States

📁 Legal

Requisition #: 21000ALM

FORTUNE NAMES MEDTRONIC TO 'CHANGE THE WORLD' LIST

FORTUNE puts Medtronic among the top 20 companies worldwide having a positive social impact through core business strategy.

Read The Story

ENGINEERING

Bring your talents to help us build life-changing technology

LEARN MORE

Three Women Working

INCLUSION AND DIVERSITY

We believe that when people from different cultures, genders, and points of view come together, innovation is the result — and everyone wins. Medtronic walks the walk, creating an inclusive culture where you can thrive.

SEE HOW