Data Protection Associate - Junior Position

Boulogne-Billancourt, Lyon, Saint-Jean-de-Luz, Hybrid.

About Us

At iliomad Health Data, we specialize in delivering cutting-edge privacy solutions tailored for Biotech, Healthtech, and Healthcare institutions. Our core expertise lies in navigating complex privacy regulations such as the EU GDPR, UK GDPR, HIPAA, CCPA, CPRA, Swiss FDAP, and the AI Act, particularly in the realms of clinical research and data governance. Join us in our mission to revolutionize data privacy in the life sciences and medical research sectors.

Our firm is wholly committed to ensuring our clients' satisfaction. We offer guidance and operational strategies to ensure a superior standard of compliance. Instead of suggesting "You should do this," we assert "You must do this, and here's how to achieve it.”

iliomad is now seeking his/her new Data Protection Manager to support its growth and improve services.

Job Description

We are looking for a highly skilled and experienced Data Protection Associate to join our dynamic team. Reporting to the Data Protection Manager, the successful candidate will work on compliance programs for various client operations in the clinical research field. Projects will encompass clinical trials for drugs and medical devices, health digital platforms, health apps, data warehouses, and AI for life sciences.


Activities will include :

Collaborate with the Project Manager to execute our clients' compliance initiatives.

Responsibilities will include:

  1. Review data protection language of the medical development documentation (Study Protocol, ICFs, information notice, GDPR statement on CTIS, …)
  2. Contractual reviews (Clinical Trial Agreements, Vendor Agreements, Data transfers)
  3. Provide all mandatory documentation (Records of Processing Activities, designation letters, SOPs)
  4. Performing Data Protection Impact Assessments (DPIAs)
  5. Manage potential Data Subject Request and Data Breach on behalf of our clients
  6. Perform all formalities required (registration to authorities, …)
  7. Organizing monthly meetings
  8. Conduct  trainings (GDPR, HIPAA, …)
  9. Ensure clients compliance with all relevant privacy laws (EU GDPR, UK GDPR, HIPAA, CCPA, CPRA, Swiss FDAP, AI Act, ...) in the context of medical research.
  10. Collaborate with various departments with our clients to ensure compliance is integrated into all aspects of their operations
  11. Build a Data governance anticipating data reuse and innovative medical research
  12. Perform audit reports and gap analyses
  13. Maintain up-to-date knowledge of the latest trends and changes in privacy laws and regulations

Knowledge Management

The selected candidate will work on various topics related to knowledge management, including building an internal knowledge database, contributing to articles, webinars, interviews, and newsletters.

Key Criteria For Success

Curiosity and Friendliness: We value a curious mindset and a friendly disposition, which fosters a collaborative and innovative work environment.

Experienced: Candidates should possess at least 1-2 years of experience in the field, demonstrating strong project management skills.

Proactivity and Team Contribution: A proactive approach is essential, along with the ability to contribute meaningfully to our team. We are looking for an individual who is self-driven, autonomous, and capable of researching and delivering content on unfamiliar subjects

Rigorousness Required: The path through regulations and requirements is challenging, necessitating a serious approach to develop Customized Compliance Programs for our clients.


  • A degree in Law, Data Protection, Information Security, or a related field.
  • Any certification related to the Data Protection (CDPO, ISO27001, ISO27005, CIPM) is appreciated.
  • Proven experience of a minium of 1-2 years in data protection and compliance. Having experience in the life sciences or medical research field will be highly valued.
  • To excel in this role, it is essential to have a robust understanding of privacy regulations, particularly the EU GDPR, as it is the primary regulation applicable to our operations. Additionally, familiarity with other regulations such as the UK GDPR, HIPAA, CCPA, CPRA, Swiss FDAP, and the AI Act is also necessary.
  • Excellent organizational and project management skills.
  • Proficiency in both French and English is required. The role involves conducting all aspects of the job, including customer meetings, exclusively in English.


  • Health insurance
  • Opportunity to work in a dynamic, innovative environment.
  • Certification Support: We sponsor individual certifications that enhance our services, including ISO27005, CDPO, and CIPM.
  • Career growth opportunities in a rapidly evolving field.
  • Salary: 35-38K

Application Process

Interested candidates should submit a cover letter and CV detailing their experience and qualifications for this role. Please highlight how your skills and experiences align with the key criteria for success in this position.

  • Chosen candidates will undergo multiple meetings with the founders.
  • Their skills will be evaluated, along with their proficiency in English.

Deadline For Application


Are you ready?

Max size for file is 10 MB.
Max size for files is 10 MB.
Your submission has been received, thank you!
We'll get back to you shortly.
Something went wrong while submitting the form.
Please try again.