Boston Scientific
Senior Legal Counsel, US Privacy & Data Protection
Boston Scientific, Osseo, Minnesota, United States, 55311
Overview
Additional Location(s):
US-MA-Marlborough Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance Boston Scientific is committed to helping you develop by working in teams of diverse, high-performing employees. You will tackle important health industry challenges with access to the latest tools, information, and training to advance your skills and career. Here, you\'ll be supported in progressing to meet your ambitions. About the role: Boston Scientific is seeking a United States-based Privacy Counsel to join the legal department as a key contributor to its global privacy team. This role provides the opportunity to deliver legal advice on a broad portfolio of privacy and data protection matters, including advising, investigating, researching, resolving legal issues, and writing corporate policies to ensure privacy and security compliance. Hybrid work model:
The role requires in-office presence at least three days per week. Boston Scientific will not offer sponsorship for this position at this time. Relocation assistance is not available. Your responsibilities
Advising business teams on the applicability and impact of regional, federal, and state privacy frameworks and regulations, considering roles such as medical device provider, healthcare provider, controller, processor, covered entity, business associate, or hybrid entity. Managing outside counsel to support global business goals and ensure compliance with privacy and security laws. Fostering company compliance with global privacy and data protection laws and best practices. Providing legal counsel in business development activities, including due diligence, privacy issues, transfer of responsibilities, product development issues, and directing outside counsel as needed. Identifying, implementing, maintaining, and updating privacy policies, procedures, training, and materials with cross-functional coordination (Global IT, Cybersecurity, Legal & Compliance, Global Security, Global Quality, business units, HR). Interacting with program and product management to provide guidance on privacy and information security projects. Assisting with processes for handling privacy/security breach incidents, complaints, and government inquiries. Coordinating privacy impact assessments, audits, and implementing recommendations. Reviewing privacy implications of business changes, including mergers and acquisitions, marketing, and outsourcing. Reviewing and advising on data protection in contracts (IT cloud, development, distributor data handling, consulting, NDAs, research, data use, clinical, M&A, and other areas). Structuring, negotiating, and drafting privacy and data protection agreements; reviewing data protection sections of software licenses, MSAs, PSAs, SOWs, and other agreements. Assisting in data mapping and third-party/vendor data management and compliance. Staying current on privacy developments, laws, and benchmarks affecting global medical devices and healthcare organizations. Required qualifications
J.D. from an accredited university with admission to practice law in at least one state. Understanding of HIPAA, state privacy laws, My Health My Data laws, and U.S. privacy laws, and GDPR. Advanced proficiency in reviewing complex privacy agreements and strong contract drafting/negotiation skills. Minimum 5 years of related legal experience advising on global privacy and data protection for medical device/healthcare clients, ideally in-house. Preferred qualifications
Privacy certifications (e.g., IAPP, CHPC) or similar credentials. Knowledge of standards such as NIST, ISO 27001/27002; other privacy/security certifications (e.g., CIPP). Experience advising medical device, pharmaceutical, or healthcare provider clients. Experience guiding global privacy projects, risk mitigation, and data governance. Understanding of LGPD, PIPEDA, PIPL, PIPA, and similar global frameworks. Familiarity with IT service management, CRM, cloud systems, and related DPAs. Understanding of responsible AI and data governance in healthcare/medical device contexts. Strong communication, presentation, interpersonal, and project management skills. Ability to work independently and drive results; proactive with continuous improvement. Requisition ID:
613154 Salary range:
Minimum $133,700 — Maximum $254,000. Compensation varies by location, experience, and education. At Boston Scientific, it is not typical to hire near the bottom or top of the range. Note:
Compensation for non-exempt roles may include variable pay (overtime, shift differential, annual bonus). For exempt roles, variable pay may include annual bonus and long-term incentives. For MA positions:
It is unlawful to require or administer a lie detector test for employment. Violators are subject to penalties. Boston Scientific is committed to solving health challenges with a diverse and inclusive workplace. We are an equal opportunity employer and ensure recruitment and employment decisions are made without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, gender expression, veteran status, age, disability, genetic info, or any other protected class. COVID-19 vaccination : Some US positions require proof of vaccination. Boston Scientific will comply with applicable laws and healthcare credentialing requirements.
#J-18808-Ljbffr
Additional Location(s):
US-MA-Marlborough Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance Boston Scientific is committed to helping you develop by working in teams of diverse, high-performing employees. You will tackle important health industry challenges with access to the latest tools, information, and training to advance your skills and career. Here, you\'ll be supported in progressing to meet your ambitions. About the role: Boston Scientific is seeking a United States-based Privacy Counsel to join the legal department as a key contributor to its global privacy team. This role provides the opportunity to deliver legal advice on a broad portfolio of privacy and data protection matters, including advising, investigating, researching, resolving legal issues, and writing corporate policies to ensure privacy and security compliance. Hybrid work model:
The role requires in-office presence at least three days per week. Boston Scientific will not offer sponsorship for this position at this time. Relocation assistance is not available. Your responsibilities
Advising business teams on the applicability and impact of regional, federal, and state privacy frameworks and regulations, considering roles such as medical device provider, healthcare provider, controller, processor, covered entity, business associate, or hybrid entity. Managing outside counsel to support global business goals and ensure compliance with privacy and security laws. Fostering company compliance with global privacy and data protection laws and best practices. Providing legal counsel in business development activities, including due diligence, privacy issues, transfer of responsibilities, product development issues, and directing outside counsel as needed. Identifying, implementing, maintaining, and updating privacy policies, procedures, training, and materials with cross-functional coordination (Global IT, Cybersecurity, Legal & Compliance, Global Security, Global Quality, business units, HR). Interacting with program and product management to provide guidance on privacy and information security projects. Assisting with processes for handling privacy/security breach incidents, complaints, and government inquiries. Coordinating privacy impact assessments, audits, and implementing recommendations. Reviewing privacy implications of business changes, including mergers and acquisitions, marketing, and outsourcing. Reviewing and advising on data protection in contracts (IT cloud, development, distributor data handling, consulting, NDAs, research, data use, clinical, M&A, and other areas). Structuring, negotiating, and drafting privacy and data protection agreements; reviewing data protection sections of software licenses, MSAs, PSAs, SOWs, and other agreements. Assisting in data mapping and third-party/vendor data management and compliance. Staying current on privacy developments, laws, and benchmarks affecting global medical devices and healthcare organizations. Required qualifications
J.D. from an accredited university with admission to practice law in at least one state. Understanding of HIPAA, state privacy laws, My Health My Data laws, and U.S. privacy laws, and GDPR. Advanced proficiency in reviewing complex privacy agreements and strong contract drafting/negotiation skills. Minimum 5 years of related legal experience advising on global privacy and data protection for medical device/healthcare clients, ideally in-house. Preferred qualifications
Privacy certifications (e.g., IAPP, CHPC) or similar credentials. Knowledge of standards such as NIST, ISO 27001/27002; other privacy/security certifications (e.g., CIPP). Experience advising medical device, pharmaceutical, or healthcare provider clients. Experience guiding global privacy projects, risk mitigation, and data governance. Understanding of LGPD, PIPEDA, PIPL, PIPA, and similar global frameworks. Familiarity with IT service management, CRM, cloud systems, and related DPAs. Understanding of responsible AI and data governance in healthcare/medical device contexts. Strong communication, presentation, interpersonal, and project management skills. Ability to work independently and drive results; proactive with continuous improvement. Requisition ID:
613154 Salary range:
Minimum $133,700 — Maximum $254,000. Compensation varies by location, experience, and education. At Boston Scientific, it is not typical to hire near the bottom or top of the range. Note:
Compensation for non-exempt roles may include variable pay (overtime, shift differential, annual bonus). For exempt roles, variable pay may include annual bonus and long-term incentives. For MA positions:
It is unlawful to require or administer a lie detector test for employment. Violators are subject to penalties. Boston Scientific is committed to solving health challenges with a diverse and inclusive workplace. We are an equal opportunity employer and ensure recruitment and employment decisions are made without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, gender expression, veteran status, age, disability, genetic info, or any other protected class. COVID-19 vaccination : Some US positions require proof of vaccination. Boston Scientific will comply with applicable laws and healthcare credentialing requirements.
#J-18808-Ljbffr