Privacy Counsel

Profile

Privacy Counsel

Duties: Supporting the overall implementation of a strategic and comprehensive enterprise privacy program that defines, develops, maintains, and implements enterprise-level policies and procedures. Supporting the enablement of consistent, effective privacy practices which minimize risk and ensures the confidentiality of PI and PHI, paper and/or electronic, across all media types. Providing privacy legal advice to critical teams such as Product Development, Information Security, HR, Marketing and Government Affairs in support of rapid solutions to meet identified. Monitoring continuous changes in privacy law (regulatory change awareness) and tracking consumer privacy regulation compliance (FTC, CCPA) to appropriately apply changes to assigned program domains, review and update enterprise privacy policies and procedures, and support related training or awareness activities with stakeholders and the business. Providing privacy-related legal advice concerning business transactions, including reviewing and negotiating contracts with customers, 3rd party suppliers and business partners, performing privacy-related legal due diligence and drafting and negotiating and applicable privacy-related provisions. Assisting the Business Units in assessing and balancing privacy needs and developing practical solutions to help ensure business unit compliance with privacy laws, regulations, and standards. Developing and delivering ongoing privacy training to team members and management. Initiating, facilitating, and promoting activities to foster information privacy awareness and data use in accordance with Change Healthcare’s Data Values within the organization and related entities. Supporting HIPAA risk analysis process and other regulatory assessments in coordination with information security. Supporting regular information privacy risk assessment/analysis, mitigation, and corrective actions in coordination with information security. Working with information security, review all system-related information security plans throughout the organization’s network to ensure alignment between security and privacy practices. Supporting EPO, with the Business Unit compliance resources and others in Legal & Compliance, with conducting required privacy incident review and breach determination and notification processes under HIPAA, GDPR, and applicable state breach rules and requirements. Leading any compliance reviews or investigations of the organization by the Office of Civil Rights, other federal or state regulators, and other regulatory agencies. Performing required breach risk assessment, documentation, and mitigation; working with Human Resources to ensure consistent application of sanctions for privacy violations.

Company info

Sign Up Now - EmploymentCrossing.com