Offer summary

Qualifications:

5+ years of experience with HIPAA privacy and security issues related to technology products and services., Specialized knowledge of Ad Tech, TCPA, CAN-SPAM, and other marketing regulations is highly desirable., Experience in designing, implementing, and maintaining privacy compliance policies and programs., B.S. or equivalent required; M.S. or J.D. strongly preferred..

Key responsibilities:

Provide advice and support to business teams on privacy laws and regulations related to technology products.

Collaborate with IT, Legal, and Compliance to resolve complex privacy issues and ensure compliance with regulations.

Lead the development and maintenance of privacy policies and assist in implementing privacy technology solutions.

Perform privacy assessments and provide training and guidance to mitigate privacy risks.

Job description

Working with IT, Legal, Compliance and the Privacy Office, provide advice, counsel and support to business teams related to the application of privacy laws, regulations policies and principles to various technology-related products, services and processes. Knowledge of HIPAA/HITECH required, and familiarity with state privacy and data protection laws (including CCPA), global data protection law (primarily GDPR and PIPEDA), marketing and/or general data privacy and protection principles desired. Assist in refining and standing up new data protection readiness programs necessitated by evolving global data protection laws and regulatory frameworks.

This role is remote.

Provide guidance in all key business initiatives that involve IT systems/products to address Privacy and to assist in design of compliant solutions.
Provide guidance to the Compliance and IT organizations in resolution of complex compliance related system/product privacy issues.
Align advanced technologies and Privacy by Design principles from development through production to ensure data use coincides with regulatory requirements.
Collaborate with data product development teams creating uses of data that employ privacy features.
Analyze and design solutions for new and existing data streams to mitigate privacy vulnerabilities and prevent future privacy risks.
Perform privacy assessments, identify and mitigate risk and educate, train and provide related guidance.
Implement privacy technology to facilitate privacy compliance, including data subject rights messaging, fulfillment and tracking.
Lead development, implementation and maintenance of privacy policies related to Information Technology particularly related to technology-related products, services and processes, including digital marketing, consumer-initiated testing, email and text marketing.
Work with cross functional business and legal teams to ensure alignment between privacy laws and regulations and business imperatives, including by developing practical solutions.
Stay abreast of new privacy and data protection requirements and assess their impact on existing technology related products, services and operations; modify policies and procedures accordingly and collaborate with business teams to promote alignment between requirements and policies and procedures.
Work collaboratively with Privacy and Compliance team on day to day occurrences and incidents.
Assist in department initiatives and special projects.
Work with Legal to apply regulations, assist with and manage a variety of tasks, projects, and processes.

Qualifications

Required Work Experience:

5+ years working on HIPAA privacy and security issues related to technology-related products and services, digital marketing and other products and services
5+ years addressing compliance regulations, state privacy laws and regulations, or other privacy matters
Specialized knowledge of Ad Tech, TCPA, CAN-SPAM and other marketing regulations and technology highly desirable
Experience with design, implementation and maintenance of privacy compliance policies, procedures and programs
Demonstrated ability to translate regulatory requirements into practical, compliant and actionable elements while supporting business strategy.
Experience providing guidance on the effective development and implementation of privacy controls.
Experience in performing DPIAs and PIAs
Demonstrated project management experience

Physical And Mental Requirements

Ability to work independently and collaboratively in ambiguous situations
Cognitive ability to observe and interpret information, assess data, make an assessment and recall details as needed
Sitting or standing for long periods of time as routinely found in an office environment

Skills

Demonstrable track record of making informed decisions despite ambiguity, prioritizing and delivery measurable results in a fast-paced environment
Effective communication (verbal and written), research, drafting, proofreading, planning, organizational and computer skills.
Strong interpersonal skills; ability to interact professionally with colleagues, customers and patients
Ability to maintain composure under pressure
Ability to follow through, meet deadlines, maintain the highest level of confidentiality, anticipate requirements and build relationships
Must be resourceful and creative with a roll-up your sleeves mentality
Self-motivated and results-oriented
MS Office and other business applications

EDUCATION

B.S. Or Equivalent Required, M.S. Or J.D. Strongly Preferred

LICENSECERTIFICATIONS

CIPM

Certified Information Privacy Professional, Europe (CIPP/E)

Certified Information Privacy Professional, U.S. private-sector (CIPP/US)

Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status.

Required profile