Dir, Privacy Technology Solutions- Collegeville, Pennsylvania - M-F
Working with IT, Legal, Compliance and the Privacy Office, provide advice, counsel and support to business teams related to the application of privacy laws, regulations policies and principles to various technology-related products, services and processes. Knowledge of HIPAA/HITECH required, and familiarity with state privacy and data protection laws (including CCPA), global data protection law (primarily GDPR and PIPEDA), marketing and/or general data privacy and protection principles desired. Assist in refining and standing up new data protection readiness programs necessitated by evolving global data protection laws and regulatory frameworks.
Duties and Responsibilities:
• Provide guidance in all key business initiatives that involve IT systems/products to address Privacy and to assist in design of compliant solutions.
• Provide guidance to the Compliance and IT organizations in resolution of complex compliance related system/product privacy issues.
• Align advanced technologies and Privacy by Design principles from development through production to ensure data use coincides with regulatory requirements.
• Collaborate with data product development teams creating uses of data that employ privacy features.
• Analyze and design solutions for new and existing data streams to mitigate privacy vulnerabilities and prevent future privacy risks.
• Perform privacy assessments, identify and mitigate risk and educate, train and provide related guidance.
• Implement privacy technology to facilitate privacy compliance, including data subject rights messaging, fulfillment and tracking.
• Lead development, implementation and maintenance of privacy policies related to Information Technology particularly related to technology-related products, services and processes, including digital marketing, consumer-initiated testing, email and text marketing.
• Work with cross functional business and legal teams to ensure alignment between privacy laws and regulations and business imperatives, including by developing practical solutions.
• Stay abreast of new privacy and data protection requirements and assess their impact on existing technology related products, services and operations; modify policies and procedures accordingly and collaborate with business teams to promote alignment between requirements and policies and procedures.
• Work collaboratively with Privacy and Compliance team on day to day occurrences and incidents.
• Assist in department initiatives and special projects.
• Work with Legal to apply regulations, assist with and manage a variety of tasks, projects, and processes.
• B.S. or equivalent required, M.S. or J.D. strongly preferred
• CIPP/US, CIPP/E and/or CIPM or other relevant privacy certification highly desirable
Work Experience • 10+ years working on HIPAA privacy and security issues related to technology-related products and services, digital marketing and other products and services
• 10+ years addressing compliance regulations, state privacy laws and regulations, or other privacy matters
• Specialized knowledge of Ad Tech, TCPA, CAN-SPAM and other marketing regulations and technology highly desirable
• Experience with design, implementation and maintenance of privacy compliance policies, procedures and programs
• Demonstrated ability to translate regulatory requirements into practical, compliant and actionable elements while supporting business strategy.
• Experience providing guidance on the effective development and implementation of privacy controls.
• Experience in performing DPIAs and PIAs
• Demonstrated project management experience
Physical and Mental Requirements • Ability to work independently and collaboratively in ambiguous situations
• Cognitive ability to observe and interpret information, assess data, make an assessment and recall details as needed
• Sitting or standing for long periods of time as routinely found in an office environment
• Demonstrable track record of making informed decisions despite ambiguity, prioritizing and delivery measurable results in a fast-paced environment
• Effective communication (verbal and written), research, drafting, proofreading, planning, organizational and computer skills.
• Strong interpersonal skills; ability to interact professionally with colleagues, customers and patients
• Ability to maintain composure under pressure
• Ability to follow through, meet deadlines, maintain the highest level of confidentiality, anticipate requirements and build relationships
• Must be resourceful and creative with a roll-up your sleeves mentality
• Self-motivated and results-oriented
• MS Office and other business applications