Help us change lives

At Exact Sciences, we're helpingchange how the world prevents, detects and guides treatment for cancer. We give patients and clinicians the clarity needed to make confident decisions when they matter most. Join our team to find a purpose-driven career, an inclusive culture, and robust benefits to support your life while you're working to help others.

Position Overview

Exact Sciences (the "Company") seeks a Chief Privacy Officer (CPO) with experience to effectively and efficiently implement and execute the Company's comprehensive global privacy compliance program ("Privacy Program"). As our CPO, you will be highly motivated and an action-oriented individual who is at ease in continuing to build and enhance the Privacy Program to comply with global data privacy regimes like HIPAA, CPRA, GDPR, and others. We need a strong leader to drive the privacy compliance strategy for multiple business initiatives and projects while partnering with the broader legal and compliance teams. The successful candidate will be a seasoned privacy professional passionate about ensuring privacy compliance and providing an exceptional customer experience.

The CPO will be responsible for building and leading a team of privacy compliance professionals with varying backgrounds to facilitate the Company's global privacy compliance program efforts. The CPO will also be responsible for developing, operationalizing, and enhancing the organization's efforts to create and deliver effective privacy training, education and internal communications supporting the Company's efforts to identify and address matters of concern as it relates to the Privacy Program. This position will oversee privacy investigations and responses to any potential privacy incidents.

The position is required to work from one of our U.S. locations (Madison, Phoenix, San Diego, or Cambridge), with a strong preference for working from our Corporate Headquarters located in Madison, Wisconsin.

Essential Duties

Include but are not limited to the following:

• Oversee the continued development, implementation, and monitoring of the elements of an effective privacy compliance program.
• In close coordination with the Legal team, serve as a subject matter expert on global data privacy and protection laws, regulations, policies, and best practices.
• Optimize the Company's privacy and data protection policies, procedures, including those related to web tracking technologies, mobile and digital products and services.
• Work cross-functionally with the Company's product business units, legal, marketing, information technology, information security, and other teams to address privacy requirements in a highly efficient manner that effectively supports Company priorities.
• Manage and operate the privacy monitoring function in a manner that can identify and manage risk, including leading data protection risk assessments and remediation efforts.
• Work with all levels of management to integrate the Privacy Program for enterprise-wide lab operations, sales, and patient results across global regions.
• Oversee the compliant implementation of GDPR standards in light of our European operations, with a strong focus on stakeholder collaboration.
• Ensure that business and technical tools and processes comply with privacy laws and regulations.
• Work closely with the Legal department, including privacy counsel, to monitor and analyze new and developing laws, regulations, agency guidance and enforcement activity within the healthcare industry and incorporate learnings into internal education, messaging, and policy development efforts.
• Coordinate, as appropriate, with legal counsel, to conduct or authorize and oversee investigations of matters under the Privacy Program and oversee follow-up and, as applicable, resolution to investigations and other issues generated by the Privacy Program, including development of corrective action plans.
• Regularly review the Privacy Program, identify potential weaknesses, and proactively recommend appropriate revisions and modifications.
• Drive improvement and change through expertise and influence.
• Research privacy and data protection laws, regulations, and best practices.
• Develop and present privacy compliance training modules to promote data protection culture and awareness throughout the Company.
• Support information security in its efforts to protect the Company's data and systems from threats, and in the Company's response to security incidents impacting personal data.
• Support M&A post-close integration efforts.
• Cultivate an environment where colleagues respect and adhere to Company standards of integrity and ethics.
• Lead a team of privacy compliance professionals.
  

Skills

• Privacy Expertise: Possess in-depth knowledge of HIPAA, state privacy laws, GDPR, and other major global privacy legislative frameworks, demonstrating proficiency in navigating complex privacy regulations and cross-jurisdictional data protection and privacy issues.
• Experience with building privacy compliance programs for a patient-facing health care company.
• Privacy and Technology Acumen: A solid understanding of the interplay between privacy and technology issues, showcasing an ability to address privacy concerns within a technological context.
• Operational Excellence: A proven track record of operationalizing privacy guidance to implement and maintain an efficient and effective Privacy Program that enables business priorities while mitigating risk.
• Cross-functional Collaboration Skills: Establishing and nurturing cross-functional, collaborative relationships with business and technology partners.
• Executive-Level Engagement: Hands-on experience working with executives and key stakeholders, contributing to informed business decision-making processes by providing valuable insights and guidance in privacy matters.
• Exceptional Communication Skills: Excellent verbal and written communication skills and the ability to effectively convey complex privacy concepts and translate them into practical policies and training to technical and non-technical audiences, facilitating understanding and compliance across the organization.
• Consistent demonstration of exceptional leadership qualities, including but not limited to the ability to attract and retain the best team, foster a culture of high performance, lead with integrity, humility, accountability, and courage, and set a clear vision to energize teams towards the future.
• Effectively manage, support, and guide your team, including, but not limited to delegating tasks and responsibilities, assessing employee performance, and provide helpful feedback and training opportunities.
• Ability to juggle competing priorities and drive results with a high emphasis on quality.
• Comfortable delivering data protection advice to a variety of stakeholders.
• Ability to analyze processes and determine if adequate controls are in place that maximize efficiency and are appropriate for the related activity.
• Ability to field questions from individuals throughout the Company and accurately and correctly provide guidance on questions and requests.
• Ability to take direction and independently work towards achievement of projects.
• Ability to independently identify and analyze issues and to exercise sound judgment to resolve those issues.
• Uphold Company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Regular and reliable attendance.
• Ability to work on a mobile device, tablet, or in front of a computer screen and/or perform typing for approximately 90% of a typical working day.
• Ability to travel between Company locations.
• Ability to travel 30% of working time away from work location, including overnight/weekend travel.
  

Minimum Qualifications

• Bachelor's degree in business, human resources, technology, or related field as outlined in the Essential Duties.
• 8+ years of privacy compliance, ethics, legal, or related experience.
• 5+ years of focused privacy program experience in a healthcare company.
• 3+ years of focused privacy program management experience in a life sciences or related industry.
• 2+ years of supervisory experience.
• IAPP CIPP/US or CIPM certification; CIPP/E optional.
• Demonstrated ability to navigate complex legal and regulatory environments.
• Demonstrated effective leadership skills to promote a compliance-oriented culture within the organization.
• Proficient in Microsoft Office.
• Demonstrated ability to perform the Essential Duties of the position with or without accommodation.
• Authorization to work in the United States without sponsorship.

Salary Range:

Exact Sciences is proud to offer an employee experience that includes paid time off (including days for vacation, holidays, volunteering, and personal time), paid leave for parents and caregivers, a retirement savings plan, wellness support, and health benefits including medical, prescription drug, dental, and vision coverage. Learn more about our benefits.

Our success relies on the experiences and perspectives of a diverse team, and Exact Sciences fosters a culture where all employees can develop personally and professionally with a sense of respect and belonging. If you require an accommodation, please contact us here.

Not ready to apply? Join our talent community and stay up to date on what's new at Exact Sciences.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, creed, disability, gender identity, national origin, protected veteran status, race, religion, sex, sexual orientation, and any other status protected by applicable local, state, or federal law. Any applicant or employee may request to view applicable portions of the company's affirmative action program.

To view the Right to Work, E-Verify Employer, and Pay Transparency notices and Federal, Federal Contractor, and State employment law posters, visit our compliance hub. The documents summarize important details of the law and provide key points that you have a right to know.