Lightship is the premier provider of enterprise level, technology enabled decentralized clinical research services. In this capacity, Lightship makes research participation more accessible for everyone by functioning as a telemedicine-enabled clinical research site within a research study. To be successful at Lightship, you need to be passionate about our mission of redefining trials and providing hope for all, and our core values: we believe in people, we embrace change, we serve others, and we make an impact.

Lightship is seeking an experienced data protection professional who can think innovatively and provide pragmatic advice to ensure that Lightship has the right policies, processes, and controls in place to meet its current and future privacy obligations. The individual will oversee all data protection practices within the organization, and act as a trusted expert advisor to the business on all data privacy matters, particularly those associated with technology innovation and the processing of highly sensitive patient information.

Given Lightship’s distributed model and the remote nature of this position a successful candidate will possess a willingness and desire to work independently without significant oversight.


We would like to offer you:

  • An opportunity to help re-envision how clinical research is executed with inclusivity, increased diversity and accessible at the core
  • The chance to work with a patient-centered, clinically-oriented, collaborative team to support in the delivery of enterprise grade direct-to-patient clinical research solutions at scale
  • An unmatched opportunity to grow as part of an early stage startup with industry veterans, high-caliber investors, and a massive market opportunity
  • Competitive compensation

Generous benefits package, including:

  • Top notch private supplemental healthcare (medical, dental, and vision) for you and your family, effective on day one of employment.  
  • Holidays Policy (25 days), plus public bank holidays and bereavement to help support work life balance.
  • Company sponsored group pension program w/ company contribution.
  • Generous paid parental leave
  • Group Life Cover


Senior Director, Data Protection is responsible for

  • Proactively monitoring and maintaining detailed knowledge and awareness of the current legislative environment, both within and outside of Europe. Continually assessing the impact of legislative change on Lightship’s operations and leading the program of work necessary to ensure continued compliance.
  • Collaborating with internal constituents in legal, regulatory, quality, international, operations and technology to understand all data flows and vendor relationships.
  • Developing a strategic approach in developing a holistic privacy program that can adapt to a rapidly growing company.
  • Investigating and reporting data breaches to the relevant Regulators when required and responding to any follow up requests or questions. This includes, advising internal stakeholders on actions necessary to manage and mitigate risk, as well as overseeing that the controls to prevent future occurrences of such incidents are effectively implemented.
  • Acting as a first point of contact to supervisory authorities, data subjects, employees, and customers regarding Lightship’s data protection practices
  • Working closely with the Quality function to develop and maintain an assurance program including necessary data protection policies, procedures, standards and guidelines and implementation of necessary audits to evidence ongoing compliance.
  • Overseeing the completion and maintenance of records of processing (under GDPR Article 30).
  • Monitoring the Data Privacy Impact Assessment (DPIAs) process, working closely with cross functional business owners to ensure that the risks associated with new and changing initiatives are appropriately identified, assessed, and mitigated.
  • Establishing the necessary training and awareness efforts required to upskill the organization on GDPR and other privacy regulations and fostering a culture of ‘privacy by design’.
  • Clearly communicating data privacy and protection principles and practices to technical and non-technical audiences both in writing and verbally.
  • Overseeing that data subject requests are being executed and responded to in a timely manner. Ensuring that requests are valid and are not impacted by any conflicting legal or regulatory requirements, whilst advising Tech on the actions necessary to appropriately fulfil request depending on the nature of the request.
  • Supporting Legal in ensuring that vendors are appropriately risk assessed from a privacy standpoint and have the necessary contractual clauses in place, prior to commencement of processing.


Senior Director, Data Protection has:

Required knowledge, skills, and abilities

    • Excellent understanding and knowledge of UK & European data protection legislation (GDPR)
    • Great all-round knowledge of other current and emerging global privacy regulations
    • Strong leadership, consultative and advisory skills for privacy compliance programs.
    • Understanding of information infrastructure, security systems and technology
    • Highly organized, detailed orientated and comfortable dealing with complex legal and regulatory information and documentation.
    • Excellent communication skills both written and oral and equally comfortable speaking with internal business users at all levels as well as business partners and vendors.
    • Experience working in the Data Protection, Security and Compliance function for other Life Sciences, Health Care or Health Tech Organizations, particularly those that directly handle patient data.


Education and experience

  • Bachelor’s degree in Law or Computer Science or similar discipline, Masters preferred
  • Law degree or qualification is useful but not essential
  • At least 5 years of experience in data protection
  • Previous experience managing a privacy program
  • One or more International Association of Privacy Professionals (IAPP) certifications such as CIPP/E, CIPP/US and/or CIPM or equivalent data protection qualification desired
  • Combination of requisite education, training and experience.

Our commitment to diversity & inclusion:

Lightship promotes a diverse and inclusive workplace. Lightship considers all applicants without regard to racial or ethnic origin, religious or philosophical beliefs, health, sexual orientation, or any other status protected by applicable law.

Please note: For the safety of our patients and each other, all positions at Lightship that require travel, in-person participation, or are patient-facing, do require vaccination against COVID-19.

#jobs #careers #nowhiring #hiringnow 


Apply for this Job

* Required