GRG Health
Website: grgonline.com
Job details:
Industry: Healthcare Market Research / Pharma Insights
Location: India (Hybrid / On-site / Remote as applicable)
Experience: 5–10 years
Employment Type: Full-time
Role Overview
We are looking for an experienced IT & Data Compliance Manager to oversee data protection, information security compliance, and regulatory adherence across the organization’s technology and research data systems.
The role will ensure that the company’s data collection, storage, processing, and transfer practices comply with global data protection laws, healthcare regulations, and client contractual requirements, particularly in the context of healthcare market research involving healthcare professionals (HCPs), patients, and clinical insights.
The candidate will work closely with IT, legal, research operations, and client teams to implement robust data governance and compliance frameworks.
Key Responsibilities
Data Privacy & Regulatory Compliance
- Ensure compliance with global data protection regulations including GDPR, HIPAA, DPDP Act (India), and other relevant privacy laws.
- Oversee compliance related to collection and processing of healthcare professional (HCP) and patient-related data used in research studies.
- Develop and maintain internal policies for data privacy, data retention, and lawful data processing.
Information Security & IT Compliance
- Implement and monitor information security controls aligned with ISO 27001, SOC 2, and other industry standards.
- Work with the IT team to ensure secure handling of research data across servers, databases, cloud platforms, and analytics systems.
- Conduct periodic IT compliance assessments and security audits.
Data Governance & Risk Management
- Establish data governance frameworks to ensure data integrity, access control, and proper data lifecycle management.
- Identify and mitigate risks related to data breaches, unauthorized access, and data misuse.
- Manage incident response procedures in case of data security events.
Client & Contractual Compliance
- Support commercial and legal teams in addressing data security and privacy obligations in client contracts and vendor agreements.
- Respond to client compliance questionnaires, security assessments, and due diligence requests.
- Ensure adherence to pharmaceutical industry compliance standards for market research engagements.
Internal Training & Awareness
- Conduct training programs for employees on data privacy, cybersecurity awareness, and compliance practices.
- Promote a strong culture of data protection and ethical data handling across the organization.
Audit & Documentation
- Maintain compliance documentation including data processing agreements, privacy policies, security policies, and audit reports.
- Coordinate internal and external compliance audits and regulatory inspections.
Required Qualifications
- Bachelor’s or Master’s degree in Information Technology, Computer Science, Law, Data Protection, or a related field.
- 6–10 years of experience in IT compliance, data privacy, or information security roles.
- Strong knowledge of GDPR, HIPAA, and data protection frameworks.
- Experience with information security standards such as ISO 27001, SOC 2, or NIST.
- Familiarity with data governance and cybersecurity risk management.
Preferred Skills
- Experience working in healthcare, pharmaceutical, or healthcare market research industries.
- Certifications such as:
  - CIPP (Certified Information Privacy Professional)
  - CISSP
  - ISO 27001 Lead Auditor / Implementer
- Understanding of cloud security (AWS, Azure, Google Cloud).
Key Competencies
- Data Privacy & Compliance Management
- Information Security Governance
- Risk Assessment & Mitigation
- Regulatory & Client Compliance
- Cross-Functional Stakeholder Management
- Audit & Documentation