Job Posting Title Dir, Priv & Data Protection Officer EMEA

This hybrid role is the senior privacy leader for DePuy Synthes across the EMEA region. The Director will be responsible for privacy governance and formal Data Protection Officer duties, ensuring compliance with global and local data protection laws while driving responsible innovation in a medical technology organization.

Key Responsibilities

• Lead the implementation and ongoing oversight of the DePuy Synthes privacy program across the region, ensuring alignment with applicable local and regional laws and regulations.
• Advise business partners on privacy and data protection requirements throughout all stages of R&D, product development, commercialization, clinical trials, HEMA activities, and lifecycle management.
• Serve as the designated Data Protection Officer, acting as an independent advisor on data protection obligations and risk management.
• Embed privacy capabilities in named privacy stewards from relevant functions, handling escalations, driving consistency, and delivering ongoing training and education.
• Identify and implement region‑specific adaptations of global privacy policies, standards, and procedures to support compliant collection, use, transfer, and retention of personal data.
• Provide strategic guidance to business leaders on privacy risks associated with new products, digital health solutions, clinical activities, and commercial initiatives.
• Oversee regional privacy impact assessments, data transfer assessments, and mitigation plans for high‑risk processing activities.
• Partner with Information Security and Legal teams to support incident response, breach management, and regulatory communications in the region.
• Lead privacy training and awareness programs to strengthen a culture of data protection and accountability across the organization.
• Monitor regional regulatory developments and emerging privacy risks, translating requirements into practical business guidance.
• Maintain external relationships with regional regulators and internal stakeholders to support audits, inquiries, inspections, and data incident responses.
• Provide support for data contracting processes, including for escalations.

Qualifications

• Bachelor’s degree required, preferably in Law, Information Systems, Business, or a related field.
• Advanced degree (JD, LLM, MBA, or equivalent) preferred.
• Minimum 10–12 years of progressive experience in privacy, data protection, cybersecurity, or related legal roles, including leadership responsibility.
• Demonstrated experience serving as or supporting a Data Protection Officer function within a regulated environment.
• Experience in privacy data regulations in the healthcare industry.
• Strong working knowledge of global privacy regulations (e.g., GDPR, APAC privacy frameworks) and their business application.
• Proven ability to influence senior leaders and operate effectively in a complex, global organization.
• Experience partnering with technology, security, and digital teams on privacy‑by‑design initiatives.
• Preferred: Specific data protection or privacy experience within medical devices, medtech, life sciences, pharmaceutical industries, or healthcare insurers/systems.
• Experience supporting global or regional privacy programs across multiple jurisdictions.
• Strong judgment, independence, and ability to manage sensitive matters with discretion and integrity.
• Prior engagement with regulators and supervisory authorities.
• Demonstrated people or program leadership experience.
• Fluent in English; German proficiency preferred.
• Travel up to 20% international.
• Preferred privacy certifications: CIPP/E, CIPM, CIPT, or equivalent.

Locations

• London, United Kingdom
• Zug, Switzerland
• Loughbeg, Ringaskiddy, Cork County, Ireland
• Diegem, Belgium
• Amersfoort, Netherlands
• Umkirch, Germany