Experience
8 yrs required
Location
Salt Lake City, UT, United States
Posted on
Sep 22, 2020
Profile
Senior Privacy Specialist
The candidate will address privacy-related questions and provide guidance to the business, serving as privacy subject matter expert. Will consider the needs of various business partners, corporate goals and initiatives, and applicable regulatory requirements, some of which may be at odds, and identify creative solutions to ensure business needs are met in a manner that supports corporate goals and initiatives and complies with the law. Identify when and how existing policies need to be revised either for regulatory purposes or other reasons. Review legal documentation for sufficiency under privacy regulations, advise the business regarding sufficiency and permissible disclosures. Develop recommendations regarding appropriate disciplinary sanctions, consult with HR and management to conduct employee interviews, document sanctions to demonstrate compliance with relevant laws and regulations. Work with management to address privacy trends in business area and recommend corrective action or training plan to address repeated incidents. Represent the Privacy Office on cross-functional internal work groups and task forces addressing wide-ranging business issues. Develop and present privacy-related training and tools with a view toward furthering a compliance culture. Investigate complex privacy incidents including developing mitigation strategies and enforcing sanctions as required. As an essential member of the privacy team, collaborate on a privacy risk assessment and mitigation plan. Lead and implement assigned sections of the plan with a view toward maintaining or strengthening current levels of compliance. Maintain databases relating to privacy. Participate in teams and workgroups to further privacy-related goals and serve as subject matter expert for privacy. Advise business partners regarding privacy issues to achieve core strategies, business objectives, and compliance requirements. Review new product development as it relates to the privacy of health care data that may be used in predictive analytics and potential new company product offerings and intellectual property. Persuade, lead and address diverse groups at all levels of the organization (from front line staff to executive management) to affect change and serve as a champion for privacy. Advise business partners on privacy regulations in addition to HIPAA such as GLBA, COPPA, GDPR, etc. Lead privacy investigations and risk assessment activities for complex privacy incidents including determining whether an incident is a breach, managing breach activities and communications with internal and external business partners, and determining notification requirements and strategies. Analyze privacy statutes and regulations to determine the operational impact to business and work to communicate requirements and ensure compliance throughout the company. Assist with the management of privacy service provider engagements, including contract review, drafting, revision and negotiation and privacy-related performance management. Assist with reviewing, drafting and negotiating business associate agreements with suppliers and other third parties. Develop, review, update and implement assigned privacy-related policies and procedures. Analyze proposed privacy legislation. Advise on whether company should support or oppose the legislation and recommend language changes to proposed legislation. Collaborate on a privacy risk assessment and mitigation plan and implement assigned sections of the plan with a view toward maintaining or strengthening current levels of compliance. Serve as a representative for the Privacy Office to support new business and management directed initiatives. Serve as mentor or lead to privacy specialists.
Company info
Sign Up Now - EmploymentCrossing.com