IT Legal & Security Advisory Leader (7-22 yrs)
Position Overview: The Privacy Manager will be responsible for defining and implementing policies related to legal compliance for data security and privacy both relating to customer data and employee data and agreements with third-party business partners. It's a role with great importance and influence as privacy issues and corporate responsibility dominate discussions regarding data collection, storage, and use.
1. Builds a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which are fully compliant to Gov and private norms.Ensures privacy forms, policies, standards, and procedures are up-to-date.
2. Works with organization senior management, security, and corporate compliance officer to establish governance for the privacy program.
3. Serves in a leadership role for privacy compliance
4. Collaborate with the CTO to ensure alignment between technology landscape and privacy compliance programs including policies, practices and acts as a liaison to the information systems department.
5. Establishes, with the CTO, an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.
6. Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
7. Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.
8. Takes a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.
9. Oversees, develops and delivers initial and ongoing privacy training to the workforce.
10. Participates in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
11. Performs required breach risk assessment, documentation, and mitigation. Works with Human Resources to ensure consistent application of sanctions for privacy violations
12. Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.
13. Maintains current knowledge of applicable federal and state privacy laws and accreditation standards.
14. Works with organization administration, legal counsel, and other related parties to represent the organization & information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard.
15. Serves as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.
1. Degree in Law or certification in Privacy subjects.
2. Knowledge and experience in state and national information privacy laws, including but not limited to IT
3. Demonstrated organization, facilitation, written and oral communication, and presentation skills.
4. Recommended privacy certification
Additional Requirements -
1. Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals
2. Demonstrated skills in verbal communication and listening
3. Demonstrated skills in providing excellent service to customers
4. Excellent writing skills
5. A high level of integrity and trust
6. Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy
7. Health care legal, operational, and or financial skills.