Experience
4-7 yrs required
Location
New York City, NY, United States
Posted on
Nov 20, 2022
Profile
Data Privacy Associate (Mid-Level)
The candidate responsibilities will include: Working directly with partners worldwide in our global Data Privacy, Cybersecurity and Digital Assets Practice Group, leading or assuming significant responsibility for projects and directly interfacing with clients; carrying out compliance gap assessments and implementing remediation plans; drafting policies and procedures (privacy policies, privacy statements, incident response plans, vendor contracting templates and DPAs, etc.); advising on contract and M&A negotiations; and assisting clients to determine compliance risks and priorities and implementing data protection compliance and information governance programs. Healthcare industry experience is required. A J.D. degree or equivalent is needed. Should have 4-7 years of applied experience with data privacy, including specific health care privacy experience (such as HIPAA and state sensitive information laws). Incident response experience is a plus, Industry experience and/or experience drafting privacy and security policies and procedures for compliance with at least several of the following: FDA, FTC and State AG guidance best practices and enforcement (FIPPs), GLBA, HIPAA, HITECH Act, CAN-SPAM, TCPA, COPPA, FCRA, FERPA, VPPA, Cable Act, Privacy Act, Cal-OPPA, Shine the Light, state breach notification and security laws, US-EU and US-Swiss Privacy Shield and state consumer privacy laws (CCPA/CPRA/CDPA/CPA). Working understanding of international, federal, state, and local privacy and security laws and technologies to support compliance is needed. Excellent research and organizational skills; strong verbal and written communication abilities are needed. A self-starter with the ability to prioritize workload with competing demands, display good judgment and work well under pressure is required. Must be capable of working in a collaborative, congenial environment. Proven ability to independently manage matters, or meaningful segments of large/complex matters, and to facilitate pushing projects to completion. Admission to practice and in good standing in any U.S. state where an SPB office resides is required. Should preferably have digital healthcare and privacy experience. Certified Information Privacy Professionals are preferred, including the following certifications: CIPP-US, CIPP-EU, and CIPM.
Company info
Sign Up Now - EmploymentCrossing.com