Data Privacy Officer – China

Position Summary:

Seeking a highly experienced DPO with strong regulatory background to lead our data privacy and compliance initiatives across China.

• Develop and implement a comprehensive privacy framework while ensuring compliance with local and global data protection regulations.
• Lead privacy and data protection activities including Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) across clinical operations, cross-border data transfers, and incident response management.
• Serve as the key liaison with regulators and IT Security to oversee lawful data processing, enforce safeguards, and ensure contractual and system-level compliance.

The job comprises of ensuring compliance with China’s Personal Information Protection Law (PIPL) and related regulations, while maintaining alignment with global standards such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), and the California Consumer Privacy Act (CCPA). The role requires expertise in intellectual property (IP), trademark law, outsourcing, information security, and contract lifecycle management (CLM) systems, providing authoritative guidance across legal, technical, and operational teams.