Manager, Global Privacy Operations

THIS IS A REMOTE POSITION PURPOSE AND SCOPE: The Manager, Global Privacy Operations provides input into the design, implementation, and oversight of the organization’s global privacy program. This role is accountable for managing privacy risk assessments, privacy impact assessments, and processing activity records across all regions, providing guidance to business owners to embed privacy‑by‑design principles, and enabling business operations. The Manager also assists with privacy investigations, delivers privacy training, supports the development and maintenance of privacy policies, and contributes to cross‑functional privacy projects to ensure consistent operational execution of privacy requirements worldwide. PRINCIPAL DUTIES AND RESPONSIBILITIES: Program Leadership & Governance: Support the HIPAA and global privacy program strategy and roadmap. Draft, implement, and maintain privacy policies, standards, SOPs, and controls. HIPAA Compliance: Drive adherence to HIPAA Privacy, Security, and Breach Notification Rules, including safeguards and patient rights. Global Privacy Compliance: Operationalize and drive compliance with global privacy laws (i.e., GDPR, LGPD, PIPL) applicable to FME’s healthcare, business and corporate operations. A key responsibility is leading the coordination and completion of global privacy reviews with business owners and other stakeholders, identifying risks and providing guidance aligned with privacy by design principles. These include managing: Data Protection Impact Assessment. Coordinate with business owners and other stakeholders across functions to complete assessments, identify risks and consult with legal colleagues, HIPAA Privacy Officer, and EU Data Protection Officer (DPO) when necessary. Privacy Impact Assessments for other geographic regions (including US, Canada, LATAM, APAC, EMEA). Support local and regional appointed privacy contacts and business owners by managing global privacy assessments and documentation. Other privacy assessments: Support the creation, completion and periodic reviews of other privacy assessments including Transfer Impact Assessments, Legitimate interest Assessments, etc. when required. Privacy Risk Management: Manage the evaluation and treatment of privacy risks identified in privacy reviews with the risk owner. Incident Response: Support privacy incidents investigations, perform breach assessments, and coordinate notifications. Training & Awareness: Support the design, updating and delivery of HIPAA and global privacy training programs. Audit Readiness: Coordinate internal/external audits and maintain evidence repositories. Regulatory Intelligence: Track changes in U.S. and global privacy laws and recommend program enhancements. Normally receives little instruction on day-to-day work, general instructions on new assignments. Provides assistance to junior level staff with more complex tasks that require a higher level of understanding of functions. Mentors other staff as applicable. Performs other related duties as assigned. PHYSICAL DEMANDS AND WORKING CONDITIONS: The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Little to no travel is expected for this position.