Job added in hotlist
Applied job
Contract job
Recruiter job
Employer job
Expanded search
Apply online not available
Similar Jobs
Tax Law Specialist, GS 14
Internal Revenue Service (IRS)
Franklin, TN
Apply Now >
Legal Services Director, Licensure and Certification
Kindred Healthcare, Inc.
Franklin, TN
Apply Now >
Litigation Family Law Attorney
BCG Attorney Search
Franklin, TN
Apply Now >
Personal Injury Lawyer
BCG Attorney Search
Nashville, TN
Apply Now >
Litigation Attorney
BCG Attorney Search
Nashville, TN
Apply Now >
View more jobs in Nashville, TN
View more jobs in Tennessee

Job Details

Data Protection Officer amp Senior Privacy Counsel

Company name
Change Healthcare

10 yrs required

Nashville, TN, United States

Employment Type


Posted on
Sep 16, 2020

Apply for this job


Data Protection Officer & Senior Privacy Counsel

The candidate works closely with the Chief Privacy Officer and within the Enterprise Privacy Office to help lead the regulatory and compliance related activities for privacy matters for the organization, including developing policies, processes, and a program covering the privacy of, and access to, protected health information (PHI), Personal Information (PI), and sensitive data in compliance with US federal and state laws, the EU Privacy Shield and GDPR, PIPEDA, and other relevant international privacy protection laws and regulations. Provide regulatory, transactional, and legal support and advice to the business units and senior and executive management in the United States, Canada and the EU. Will monitor compliance with and advise upon Company’s UK and European Union data privacy obligations as established under the General Data Protection Regulation (GDPR). The DPO will coordinate closely with the Enterprise Privacy Office and the Chief Privacy Officer to implement necessary compliance processes where gaps are identified or efficiencies are needed. Advise upon Company’s global data privacy obligations as established under the General Data Protection Regulation (GDPR), PIPEDA, and other applicable regulatory privacy frameworks. Monitor compliance with the GDPR and ensure relevant Company personnel are appropriately trained and aware of their specific GDPR obligations. Coordinate with Company’s Enterprise Privacy Office and the Chief Privacy Officer to recommend necessary compliance processes where gaps are identified or efficiencies are needed.. Review and advise upon escalated Data Protection Impact Assessments and coordinate with product teams, Product Development Privacy Counsel, and other stakeholders to identify and address GDPR compliance challenges. As necessary, serve as primary point of contact for EU customer privacy inquiries and escalate consistent with regulatory requirements. Maintain close coordination with all Enterprise Privacy Office stakeholders as well as business unit compliance and product leads to ensure appropriate involvement in GDPR-implicated issues. Monitor and maintain data protection organization registrations. Primary point of contact for foreign data regulators. Supporting our strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of PHI, paper and/or electronic, across all media types. Working with business leaders, information security leaders, and team members in the Legal and Compliance department to establish governance for the organization’s privacy program covering the requirements of HIPAA, GDPR, PIPEDA, PCI, GLBA, other federal and state and other applicable international privacy protection laws and regulations. Monitor and audit de-identification activity, including reviewing statisticians’ certifications, within the business units to ensure their compliance with HIPAA and legal requirements. Monitor changes in law, and review and update business processes and related policies. Preparing reports of privacy metrics, investigations, trends, privacy incidents and strategy/recommendations to mitigate privacy risks for the Chief Privacy Officer. Collaborating with the information security team, ensure alignment between security and privacy compliance programs including policies, practices and investigations for security and privacy risks. Collaborating with Public Affairs, and others in Legal & Compliance, represent the organization’s information privacy interests with external parties (federal or state government bodies) which undertake to adopt or amend privacy legislation, regulations, or standards. Assisting the Business Units in assessing and balancing privacy needs and developing practical solutions to help ensure business unit compliance with privacy laws, regulations and standards. Participating on customer or vendor calls when necessary to address privacy issues in contract negotiations. Addressing privacy related due diligence in M&A transactions..Maintaining current knowledge of federal, state and international privacy protection laws and regulations, and monitoring advancements in information privacy technologies to ensure organizational adaptation and compliance. Assisting procurement and business teams on privacy contract language negotiations and propriety. Developing and delivering ongoing privacy training to team members and management. Initiating, facilitating and promoting activities to foster information privacy awareness within the organization and related entities. Serving as information privacy consultant to the Business Unit Attorneys and others in the Legal & Compliance department. Leading the organization’s compliance efforts for the EU Privacy Shield, GDPR, PIPEDA, and other applicable international privacy protection laws and regulations. Establishing and administering a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s privacy program and policies and procedures in coordination and collaboration with other similar functions. Drafting and updating the organization’s website, mobile application and other policies impacting privacy. Ensuring the organization’s privacy program and related privacy forms, policies, processes, standards, and procedures are up-to-date. Leading privacy impact assessments and data protection risk assessments and other required audits. Leading regular information privacy risk assessment/analysis, mitigation and remediation efforts in coordination with information security. Developing metrics and reporting on the effectiveness of the organization’s privacy program. Participating in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed. Performing initial and periodic information privacy risk assessments and conducting related ongoing compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions. Working with information security, review all system-related information security plans throughout the organization’s network to ensure alignment between security and privacy practices. Leading and executing information lifecycle inventory projects for high risk business processes. Managing, with the Business Unit compliance resources and others in Legal & Compliance, all required breach determination and notification processes under HIPAA, GDPR, and applicable federal and state breach rules and requirements. Working with and managing external counsel on incidents as needed. Leading any compliance reviews or investigations of the organization by the Office of Civil Rights, other federal or state regulators, and other regulatory agencies. Performing required breach risk assessment, documentation, and mitigation; and working with Human Resources to ensure consistent application of sanctions for privacy violations. Leading and responding to client privacy audits and inquiries. Other duties as assigned.

Additional Information

Ref: R14863

Company info

Change Healthcare
3055 Lebanon Pike
United States 37214
Website :

Similar Jobs:
Patent Attorney
Location : Nashville, TN
A law firm in Nashville is seeking a Patent Attorney with 3+ years of patent prosecution experience to counsel clients on all aspects of intellectual property, with a focus on patent prosecution. The ideal candidate must be an act...
Tax Associate Attorney or Of Counsel
Location : Nashville, TN
A law firm in Nashville is seeking a Tax Associate Attorney or Of Counsel to join its team. The ideal candidate will play a pivotal role in building the existing tax practice, involving significant client interaction and potential...
Of Counsel
Location : Nashville, TN
Job Title: Of CounselJob Overview: A law firm in Nashville, TN, is seeking an Of Counsel with substantial experience in commercial real estate law. The ideal candidate will have a strong background in commercial real estate, inclu...
I like the volume of jobs on EmploymentCrossing. The quality of jobs is also good. Plus, they get refreshed very often. Great work!
Roberto D - Seattle, WA
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
EmploymentCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
EmploymentCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2024 EmploymentCrossing - All rights reserved. 21 192