Healthcare Data Privacy Associate Attorney

3-8 yrs required

Full-time

No

A law firm is seeking a Healthcare Data Privacy Associate Attorney to join its global Data Privacy, Cybersecurity, and Digital Assets Practice Group. The candidate will play a pivotal role in advising clients on digital healthcare privacy, data protection, cybersecurity, and compliance strategies. The position involves working directly with partners worldwide, leading projects, and ensuring regulatory compliance in the healthcare industry.

Duties:

• Assist and advise clients on digital healthcare privacy, data privacy, cybersecurity, and digital assets counseling.
• Develop and implement global compliance strategies for privacy, data protection, international data transfers, and cybersecurity.
• Lead or significantly contribute to projects, interface directly with clients, and conduct compliance gap assessments.
• Draft various documents, including privacy policies, privacy statements, incident response plans, and vendor contracting templates.
• Advise on contract and M&A negotiations related to healthcare data privacy and security.
• Assess compliance risks and priorities for clients, implementing data protection compliance and information governance programs.
• Stay updated on industry regulations and guidance, especially FDA, FTC, and State AG regulations, GLBA, HIPAA, HITECH Act, and other relevant laws.

Requirements:

• . degree or equivalent.
• Admission to practice and in good standing in any . state.
• 4+ years of experience with a focus on healthcare industry data privacy and security issues.
• Incident response experience is desirable.
• Digital healthcare and privacy experience are strongly preferred.
• Certified Information Privacy Professional (CIPP) certifications are strongly preferred (CIPP-US, CIPP-EU, CIPM).
• In-depth understanding of international, federal, state, and local privacy and security laws.
• Familiarity with technologies supporting privacy and security compliance.

Education:

. degree or equivalent.

Certifications:

Certified Information Privacy Professional (CIPP-US, CIPP-EU, CIPM) strongly preferred.

Skills:

• Strong knowledge of healthcare industry data privacy and security issues.
• Legal expertise in compliance with FDA, FTC, State AG guidance, GLBA, HIPAA, HITECH Act, and other relevant laws.
• Proficient in drafting privacy and security policies and procedures.
• Excellent communication and negotiation skills.
• Ability to lead or contribute significantly to global projects.
• Familiarity with international data transfers and cybersecurity best practices.

Experience:

4+ years of relevant experience in healthcare industry data privacy and security issues.

Legal