Senior Privacy Counsel

About The Position

Requirements

• Expertise in advising clients on GDPR and other global privacy frameworks, and experience with HIPAA and state privacy laws related to health information.
• Demonstrated knowledge of US privacy and data protection laws and a keen understanding of the changing US privacy legal landscape, including emerging comprehensive state privacy laws.
• Experience implementing the practical requirements of data privacy laws, including individual data subject rights and requirements for de-identification and data anonymization.
• Demonstrated understanding of technology, marketing and ad tech, emerging AI technology, and experience advising clients on use of trackers, pixels, digital consumer privacy and protection (including, e.g., TCPA, CAN-SPAM, etc.).
• A Juris Doctorate (JD) and a minimum of 5 years of direct experience advising clients on privacy law either at a law firm or as part of an in-house legal or compliance team.
• Licensed to practice in NYS or eligible for in-house registration.

Nice To Haves

• Familiarity with regulatory requirements for Human Subjects Research preferred.
• An established track record of translating regulatory requirements into practical and impactful elements while supporting business strategy.
• Ability to skillfully maneuver through complex policy, process, and people-related organizational dynamics.

Responsibilities

• Serve as subject matter expert to business, clinical, and research teams across MSK.
• Advise on key legal questions related to privacy by gaining detailed insight into business areas.
• Perform detailed legal research as needed and provide timely, effective advice.
• Manage MSK’s operational compliance with GDPR and other global-privacy frameworks.
• Advise other members of the MSK legal team on data privacy laws and collaborate on transactions led by those team members.
• Lead negotiation of HIPAA Business Associate Agreements with MSK’s IT and supply chain vendors.
• Draft, update, and regularly review consumer-facing privacy notices for MSK digital properties.
• Advise the Development, Marketing and Communications, and other digital teams on use of cookies, pixels and other trackers on MSK digital properties.
• Provide legal guidance to other members of the Compliance team in their management of privacy-related inquiries from patients and staff.
• Collaborate with departments across the organization, including clinical, research, hospital administration, IT, procurement, and Information Security departments, and MSK’s AI Governance Council to develop and enhance policies governing MSK’s use of personal data (PHI, PII).
• Stay abreast of new domestic and global privacy and data protection requirements and assess their impact on existing operations and strategic plans.

Benefits

• Competitive pay
• Health insurance
• Dental insurance
• Vision insurance