Sr. Counsel (Privacy, Security & Data)

About The Position

Requirements

• Juris Doctorate from an accredited law school.
• Member of a state or DC bar.
• 7-10+ years of relevant privacy and legal experience in a law firm or corporate legal department required.
• In-depth knowledge and experience with U.S. privacy and security laws and regulations and healthcare privacy and security programs.
• Familiar with certified Electronic Health Record (EHR) regulations, healthcare anti-kickback, self-referral, fraud and abuse laws, and HIPAA.
• Demonstrated success working in a fast-paced, high-performing, results-driven environment.
• Ability to draft and close commercial agreements with minimal support from more senior staff.
• Demonstrated ability to think and decide quickly, and to communicate legal issues and solutions clearly and concisely.
• Self-starter with the ability to work efficiently with minimal supervision.
• Ability to manage and bring complex projects to close.
• Strong technical skills in Microsoft Office Suite, compliance/legal tracking, and research systems (e.g., Ethico, HealthStream, etc.).
• Attendance is an essential job function.

Nice To Haves

• Minimum of 3 years in a senior role preferred.
• Certified Healthcare Privacy Compliance (CHPC) or equivalent certification preferred.

Responsibilities

• Develop, implement, and maintain comprehensive privacy policies and procedures and oversee organization’s, and its subsidiaries’ and legal affiliates’, compliance with HIPAA, HITECH, and other applicable privacy laws and regulations.
• Oversee the response to platform privacy and security incidents and breaches, including investigation, mitigation, and notification for OneOncology-owned, affiliated and managed practices.
• Serve as OneOncology’s Privacy Officer and the primary point of contact for privacy-related inquiries and complaints from patients, employees, practices, and regulatory bodies.
• Collaborate with OneOncology’s Compliance, Information Security, Product/Engineering and other teams to ensure compliant, aligned and integrated privacy practices, procedures and product design across platform.
• Serve as a key partner in the development, implementation and maintenance of OneOncology and its owned, affiliated and managed practices’ security compliance program and policies and procedures.
• Monitor legal and regulatory developments and industry best practices to proactively update the privacy and security program.
• Maintain documentation of the organization's privacy and security practices and decisions.
• Coordinate and support privacy audits, regulatory inquiries, and investigations and partner with OneOncology’s Security Officer on related security matters.
• Identify, document, and mitigate privacy risks across business units.
• Maintain incident response protocols and coordinate with Information Security on breach investigations and notifications.
• Partner with OneOncology’s compliance department on privacy training and awareness programs for employees and stakeholders.
• Promote a privacy-aware culture across the organization.
• Oversee data subject rights processes for responding to access requests (DSARs) and other rights under privacy laws.
• Oversee privacy aspects of vendor approval process and ensure adherence to data protection and privacy compliance.
• Review, draft, negotiate pharmaceutical RWE and data related agreements across the OneOncology platform, addressing technology, privacy and security and other legal needs.
• Provide rapid, practical, business-oriented legal and commercial strategic advice directly to business stakeholders responsible for pharma data/RWE business lines.
• Primary responsibility for establishing and deploying OneOncology’s Artificial Intelligence (AI) compliance policies and procedures and development of processes regarding safe and responsible use and deployment of AI technology.
• Assist legal leadership in higher level matters, as needed.
• Additional responsibilities as assigned to help drive our mission of improving the lives of everyone living with cancer.