Experience
5-7 yrs required
Location
Secaucus, NJ, United States
Posted on
Dec 08, 2022
Profile
Manager, Privacy (Remote)
The candidate will assist with the development, implementation, and maintenance of privacy and data protection policies and standard operating procedures for HIPAA, state privacy laws, GDPR, and other emerging domestic and global privacy laws. Work with members of the Privacy Office, provide advice and counsel to business teams, and provide compliance support on all aspects of U.S. federal and state privacy laws and regulations. Assist in refining and standing up new data protection readiness programs necessitated by evolving global data protection laws and regulatory frameworks. Advise businesses and provide support on matters relating to privacy, informed consent, and genetic testing. Intake, investigate, notify, and respond to OCR, state regulatory, and patient inquiries regarding PHI and PII incidents and breaches. Direct appropriate mitigation and training. Provide guidance on HIPAA compliance in electronic communications. Work with cross-functional business and legal teams to ensure alignment between privacy laws and regulations and business imperatives, including by developing practical solutions. Analyze data privacy and protection incidents and breaches to determine trends and develop tailored training and solutions. Provide periodic reporting of incidents, breaches, resolutions, and trends to relevant stakeholders. Manage the process of responding to individual rights requests, ensuring compliance with regulatory timelines. Stay abreast of new privacy and data protection requirements and assess their impact on existing operations; modify policies and procedures accordingly and collaborate with business teams to promote alignment between requirements and policies and procedures. Work collaboratively with the privacy and compliance team on day-to-day occurrences. Assist in department initiatives and special projects. Work with Legal to interpret regulations, and assist with and manage a variety of tasks, projects, and processes.
B.S. or equivalent required, M.S. or J.D. strongly preferred; CIPP/US, CIPP/E, and/or CIPM or other relevant privacy certification highly desirable; 7+ years in a law firm or healthcare company working on HIPAA privacy and security issues; 5+ years addressing compliance regulations, state privacy laws and regulations, or other legal matters; specialized knowledge of GDPR, CCPA, and other emerging privacy laws and regulations; experience with design, implementation, and maintenance of privacy compliance policies, procedures, and programs; demonstrated ability to translate regulatory requirements into practical and actionable elements while supporting business strategy; experience providing guidance on the effective development and implementation of privacy controls; experience in performing privacy risk assessments and ongoing privacy compliance monitoring activities; demonstrated project management experience; ability to work independently and collaboratively. Cognitive ability to observe and interpret information, assess data, make an assessment, and recall details as needed. Sitting or standing for long periods of time as routinely found in an office environment; demonstrable track record of making informed decisions despite ambiguity, prioritizing and delivering measurable results in a fast-paced environment; effective communication (verbal and written), research, drafting, proofreading, planning, organizational, and computer skills; strong interpersonal skills; ability to interact professionally with colleagues, customers, and patients; ability to maintain composure under pressure; ability to follow through, meet deadlines, maintain the highest level of confidentiality, anticipate requirements, and build relationships. Must be resourceful and creative with a roll-up-your-sleeves mentality; self-motivated and results-oriented; MS Office and other business applications, including Microsoft Excel and PowerPoint.
Knowledge of HIPAA/HITECH is required, as well as familiarity with state privacy and data protection laws, global data protection laws (primarily GDPR and PIPEDA), marketing, and/or general data privacy protection principles. Experience in the genetics testing industry, with knowledge of privacy principles and laws applicable to genetic testing, is highly desirable.