Head of Compliance

As Head of Compliance, you will play a key strategic role in leading compliance and Quality Management System (QMS) initiatives for software used as Digital Health Technology (DHT), including:

1. Data Collection and analysis as a Service –supporting pharmaceutical companies with digital endpoint data collection.

2. Feasibility Studies – enabling the development of digital endpoints and associated mobile applications.

3. If relevant: Medical Device Clinical Investigations – ensuring compliance and success in clinical validation.

This position is responsible for ensuring that our products and internal quality standards remain fully aligned with global regulatory requirements and client expectations.

Responsibilities: 

Quality&Security Management/Assurance:

• Support development teams in defining the Software Development Life Cycle (SDLC) process to comply with relevant Industry standards and ICH-GC, while maintaining agile development methods.
• Oversee CSV, V&V, and infrastructure qualification, following GAMP-5 principles and other relevant best industry practices (e.g. FDA SCA). 
• Collaborate with process and system owners on implementation and periodic review.
• Oversee disaster & recovery and business/trial continuation strategies through collaboration withe the ISMS, Engineering, and ClinOps teams.
• Collaborates with the ISMS and engineering team on cybersecurity and information security strategies under ISO 27001.
• Support the operation teams in the implementation and integration of QMS processes related to service provision, meeting ICH-GCP and ISO 9001 requirements.
• Ensure that product and process documentation is implemented and maintained as per ALCOA++ principles and according to relevant regulatory requirements and internal QMS and ISMS requirements.
• Accountability for all aspects of risk management oversight (e.g. business, clinical, product, security) as part of a centralised risk- register. 
• Collaborate with process experts on risk management implementation and maintenance.
• Coordinate and represent the company during external audits and regulatory inspections.
• Coordinate internal audits and maintain rigorous supplier controls and audits.
• Oversee legal, security, privacy and regulatory compliance through interaction with experts.
• Assume role of Management Representative as per ISO 13485.
• Oversee and lead training management in collaboration with HR.

Regulatory Affairs:

• Oversee regulatory strategies for DHT and digital endpoints, ensuring compliance with relevant international regulations for theadoption and integration of digital measures in clinical trials, focusing on evidence generation and data integrity.
• Align with clinical development strategies from the science team, market strategies from the product team, and sales strategies from the business development team.
• Manage communication with regulatory authorities and notified bodies.
• Assist the Clinical Operations team in establishing and managing clinical trials, ensuring the integration of digital solutions complies with regulatory requirements and ethics.
• Align with the sales department on sales strategies to ensure all claims are compliant with regulatory standards and align with clinical team on available clinical evidence.
• Maintain up-to-date knowledge of relevant regulations.
• Assume the Person Responsible for Regulatory Compliance (PRRC) role for Indivi as the legal manufacturer for SaMD studies.

Legal oversight:

• Oversee international data privacy requirements and their implementation in the QMS through collaboration with the DPO.
• Collaborate with the business development team and external legal experts on alignment of legal questions related to contracting and quality agreements, if relevant.
• Collaborate withe the clinical data management team on legal requirements around data collection (e.g. EU data act).
• Maintain up-to-date knowledge of legal requirements that may impact the product.
• Company or contracting (e.g. sustains directive, Sunshine act etc) in collab legal experts.

Leadership Activities:

• Lead and guide a small team with direct reports and contractors, with the scope to adjust team size or external support based on the company’s evolving strategic requirements.
• Define and implement the best practices and tools necessary to achieve team goals efficiently and effectively.
• Facilitate a culture of open communication and decision-making, balancing discussion and decisiveness.
• Promote an environment where team members feel valued and heard, encouraging open discussions while also making timely decisions to move projects forward.
• Conduct performance reviews, provide regular and constructive feedback, and identify training and development opportunities to help team and Members grow professionally.
• Regularly update key stakeholders on project statuses, strategic initiatives, and other critical updates, ensuring transparency and alignment with the broader company objectives.
• Proactively anticipate risks, develop mitigation strategies, and communicate potential impacts to stakeholders.

Necessary Competence (education qualification):

• Master’s degree in life sciences, engineering, or related fields.
• At least seven years of experience with quality management, information and regulatory affairs in a regulated industry, specifically inMedTech/Digital health, with a strong focus on software.
• Demonstrated knowledge and experience with Pharma GxP and, ISO 9001, and medical device framework (ISO 13485).
• Demonstrated knowledge and experience with governance of ISMS under ISO 27001.
• Any of the following qualifications: ISO 27001
• Lead Auditor / Implementer, CISMA / CISA CRISC.
• Demonstrated knowledge and experience with governance of AI and ML regulatory oversight (US and EU).
• Demonstrated experience with DHT and cloud solutions.
• Ideally, previous experience with governance of data privacy requirements, or willingness to learn.
• ICH E 6(R3) GCP certification and previous exposure to clinical projects and audits under ICH-GCP

Needed skills:

• Excellent team player with a “can-do” attitude, comfortable in a multicultural environment and under pressure.
• Hands-on mentality.