Principal Privacy Specialist

Remote: Full Remote

Offer summary

Qualifications:

  • Bachelor's Degree required, Advanced Degree desirable in privacy operations or related field.
  • Minimum of 8 years' related experience or equivalent work experience.
  • Proven project management experience and excellent organizational skills.
  • Knowledge of US and global privacy laws, including HIPAA and GDPR.

Key responsibilities:

  • Receive, investigate, and respond to privacy complaints and incidents.
  • Collaborate with technical and business teams to ensure privacy compliance in products and services.
  • Conduct privacy impact assessments and provide guidance to stakeholders.
  • Oversee compliance with state and federal privacy laws and assist in developing privacy processes.

Fresenius Medical Care North America: http://www.freseniusmedicalcare.com/
10001 Employees

Job description

If your location allows for pay transparency, please click the link below to request further information on this position.

Pay Transparency Request Form

PURPOSE AND SCOPE:

The Principal Data Privacy Specialist is responsible for the full life cycle management of initiatives that are foundational and essential to building and maintaining the FMCNA privacy program.

 

PRINCIPAL DUTIES AND RESPONSIBILITIES:

  • Privacy Incidents:
    • Receive, investigate and respond to privacy complaints and incidents. Lead investigations, document case files, and develop corrective actions. 
    • Coordinate investigations, resolve, and escalate privacy incidents.
    • Conduct breach risk assessments for privacy events to determine individual and government notification requirements.
    • Draft and coordinate communication of all required breach notifications to affected individuals and government agencies, as applicable.
    • Assist in the preparation of reports and metrics.
  • Technical Review and Implementation:
    • Collaborate with technical and business teams to review products, services, and projects for privacy compliance.
    • Develop solutions adhering to privacy by design principles. Establish technical safeguards with IT and Business teams.
    • Address requirements for data flows, localization, tracking technologies, vendor assessments, and consent management.
    • Present complex concepts to non-technical partners to promote privacy integration.
    • Build consensus around innovative solutions to privacy in new technologies and contexts.
       
  • Information/Data Subject Rights:
    • Operate and enhance data subject rights processes, ensuring compliance with global laws. Provide advice to stakeholders and develop educational materials.
  • Privacy by Design:
    • Conduct privacy impact assessments (PIA) to identify and mitigate privacy risks to data subjects.
  • Advice and Guidance:
    • Provide timely and clear privacy guidance to stakeholders. Escalate issues to Privacy Officers and Data Protection Officers as needed.
    • Work with and provide Subject Matter Expertise to software developers, designers, lawyers, product managers, and business operations to help interdisciplinary teams address privacy requirements.
  • Miscellaneous:
    • Maintain documentation, enhance privacy processes, and assist with escalations and inquiries. Evaluate the impact of privacy and security requirements on business practices. Support Legal and Business teams.
    • Identify areas for improvement and implement mitigations to reduce privacy non-compliance.
    • Oversee compliance with state and federal privacy laws, including HIPAA and HITECH.
    • Respond to privacy-related requests and inquiries.
    • Evaluate requests to disclose PHI to third parties and ensure compliance.
    • Act as a primary contact for HIPAA-related issues and incidents.
    • Assist in developing and implementing privacy processes and controls.
    • Facilitate compliance with US privacy laws in day-to-day operations.
    • Evaluate privacy controls and support remediation solutions.

This role requires a solid understanding of:

  • US state and federal privacy laws, including HIPAA/HITECH, CMIA, and privacy-related consumer protection laws, such as the TCPA; and
  • Global privacy and data protection laws, including GDPR. 

PHYSICAL DEMANDS AND WORKING CONDITIONS:

  • The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

SUPERVISION:

  • May be responsible for the direct supervision of various levels of Information Security Office staff.

EDUCATION:

  • Bachelor's Degree required, Advanced Degree desirable in a subject related to privacy operations (e.g., law) or industry sector (Life Sciences)

  • HCCA CHPC or IAPP CIPP/US certification preferred.

EXPERIENCE AND REQUIRED SKILLS:

  • Minimum of 8 years' related experience; or a master's degree with 5 years' experience; or a JD with 2 years' experience; or equivalent directly related work experience

  • 3+ years' supervisory or project/program management experience preferred.

  • Proven project management experience, excellent organizational skills, and keen attention to detail;

  • Proven track record of working independently

  • Experience managing third-party entities as well as communications;

  • Experience with cross-departmental working groups;

  • Knowledge of privacy laws and data security requirements helpful;

  • Expert-level writing, data analysis, report drafting and delivery skills;

  • Bachelor's degree in business, law, information management or computer science

EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity

 

Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws.

EOE, disability/veterans

Required profile

Spoken language(s):
English

Other Skills

  • Organizational Skills
  • Detail Oriented
  • Communication
