Director, Privacy Operations and Governance

Quest Diagnostics•Secaucus, NJ

23h•Remote

About The Position

The Director, Privacy Operations and Governance will have a leadership role in managing Quest Diagnostics’ privacy operations, governance and risk mitigation activities, domestically and internationally. The role will collaborate closely with a broad range of business partners as well as members of the Privacy Office, Compliance, and IT, to effectively manage privacy risk and ensure compliance with applicable privacy laws, U.S. and international. This is a hands-on role with responsibilities including the performance and maintenance of privacy impact assessments, data protection impact assessments, data mapping activities, and responding to client and other third party due-diligence requests. The ideal candidate will have broad working knowledge of U.S. and international privacy laws, regulations, including HIPAA, HITECH, state privacy laws, and GDPR, as well as international privacy and security standards, including NIST and ISO frameworks. The individual will have demonstrated experience with a privacy program in a multinational corporate setting, preferably in the healthcare or life sciences sector. The position reports to the Executive Director, Privacy Officer. This is a remote-based position.

Requirements

Strong understanding of privacy best practices in healthcare, including experience advising on best practices and compliance with privacy and data protection regulations, as well as providing guidance on data collection and use, privacy disclosures and transparency, and related issues.
Experience with design, implementation and maintenance of privacy compliance policies, procedures and programs for a global healthcare company.
Significant experience conducting privacy impact assessments and implementing scalable processes for a global organization.
Experience building and maintaining data processing registries and associated data mapping.
Experience working with privacy management software and automated platforms.
Experience with privacy governance and document management frameworks.
Experience with cross-functional risk management frameworks.
Bachelor’s Degree B.S. or equivalent experience required

Nice To Haves

Project management experience a plus
Doctorate Degree J.D. a plus

Responsibilities

Manage privacy risk in compliance with privacy standards, best practices and applicable law, including HIPAA, US State privacy laws and GDPR.
Manage and perform privacy impact assessments, data protection impact assessments, transfer impact assessments as required by applicable law.
Provide governance and operational support relating to data processing activities in compliance with relevant privacy standards, best practices and applicable laws, including but not limited to GDPR Article 30 (Record of Processing Activity).
Support various business functions in responding to client/third party due-diligence and data privacy questionnaires.
Analyze metrics and identify trends to help drive continuous improvement in controls.
Mature processes and serve as privacy subject matter expert on cross-functional governance committees.
Assisting the Privacy Office team in a variety of projects and initiatives on an as-needed basis.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume