Job Details

Data Privacy Attorney in Marlborough, MA

This job is expired...

Company name

Boston Scientific.

Organization Type

In-House

Job Type

Attorney

Practice Area

Data Privacy

Years of Experience

Min 5 yrs required

Location

USA Marlborough, MA

Date Last Verified

Oct 14,2017

Posted on

Jul 05,2017

77 hits

Profile

Counsel I, Global Privacy and Data Protection The candidate will provide legal advice and counsel to Company personnel in diverse privacy and data protection matters by assisting, advising, investigating, researching and resolving legal matters within corporate legal policies to ensure that company personnel are aware of and in compliance with applicable OUS, state and federal laws and regulations. Direct development and delivery of training to Company personnel. Manage outside counsel to support global business goals and ensure compliance with applicable OUS, state and federal laws and regulations. Foster company compliance with global privacy and data protection laws and regulations as well as privacy and information security best practices and standards. Provide legal counsel and support in business development activities, including conducting due diligence, advising on privacy and data protection issues, facilitating transfer of legal responsibilities, assisting and advising on product development related issues as they arise, and directing outside counsel in assisting the Company with issues as needed. Identify, implement, maintain and update privacy policies and procedures in coordination with Global Compliance colleagues, the Legal Department, Global Security, R&D, Global Quality, International business units, Human Resources including the Group Health Plan, Corporate Analysis and Control and Information Systems; interact with program and product management across firm to provide direction and guidance on company-wide privacy and information security projects. Advises Human Resources department on content and implementation of data protection requirements of policies and procedures including OUS localization and cross border data transfer issues. In collaboration with Global Compliance colleagues, Human Resources, the Chief Information Officer, Global Security and the Legal Department, assist with the processes for receiving, managing and appropriately responding to potential and actual security/privacy breach incidents, complaints related to privacy and security issues, and government authorities’ inquiries into the company’s privacy policies and procedures. Coordinate information privacy risk assessments, data audits and implementation of recommendations resulting from same, including international and US HIPAA Privacy and Security Assessments. Review privacy and information security implications of proposed business changes, including of mergers and acquisitions, marketing, and outsourcing activities. Reviews, advises business on drafts, and approves data protection requirements in contracts in a variety of areas, including IT cloud service, application development, distributor data handling, consulting, non-disclosure, research, data use, clinical, business acquisitions and mergers, and other areas as needed to ensure business interests are protected. Structuring, negotiating and drafting privacy, data protection and business associate agreements and assisting business and commercial counsel in reviewing data protection sections of software license agreements, master services agreements, professional services agreements, SOWs, and other types of commercial agreements. Facilitate the development of privacy and data protection training and educational materials tailored to specific business/functional needs and legal requirements. Assist in maintaining third-party/vendor data management and compliance. Remain current on privacy and data protection developments, new legislation/regulations, and competitive benchmarking. Manage appropriate policy and operational implementation of the requirements under HIPAA, including negotiation of Business Associate Agreements and development of related education.

Qualification and Experience

The candidate should have a JD Degree. Must have 5+ years of experience in developing and implementing practical global privacy and data protection solutions, including policies, training and awareness programs, and communications (global/multi-national organization and health care industry experience preferred). Certification in one or more of the following helpful: International Association of Privacy Professionals certification: IAPP/US; Certified in Healthcare Privacy Compliance (CHPC) by the Health Care Compliance Association is essential. Understanding of HIPAA and other applicable U.S. privacy and data protection laws and regulations (federal and state) required. Advanced proficiency in the independent review of complex BAA agreements and strong contract drafting and negotiation skills required. Knowledge of industry standards affecting privacy and information security, such as NIST and ISO 27001/27002 preferred. Privacy and/or security professional certifications (e.g., CIPP) also a plus.

Additional info

Requisition ID: 331555.

Company info

Hiring Coordinator
Boston Scientific.
100 Boston Scientific Way
Marlborough, MA 01752