POSITION SUMMARY:
You will be a member of the Global Data Privacy Team which is part of Milliman’s Legal and Compliance General Corporate Services led by the Chief Compliance Officer. You will focus on the privacy program in the USA including processes, procedures and initiatives, and collaborate with other departments and practices in support of the privacy program. Although your primary focus will be the USA, you will be involved in international projects and collaborate with Data Privacy Counsels working in other regions.
You will be supervised by the Global Data Privacy Director and be part of a supportive Legal & Compliance team led by the Chief Compliance Officer.
RESPONSIBILITIES:
- Research and legal monitoring of new and revised data privacy state laws, including HIPAA
- Respond to requests for data privacy advice from the business, including assisting in responding to prospect and customer data protection questionnaires
- Proactively identify privacy risks in processes and systems and propose mitigations
- Assist with drafting relevant data privacy policies, identify gaps in policies/procedures based on regulations, and recommend priorities for addressing those gaps
- Prepare and present data privacy trainings
- Assist with the implementation of the Vendor Risk Management Program
- Create and maintain a network of local DPCPs (Data Privacy Contact Persons) and HIPAA Officers and provide them with advice when needed
- Draft and ensure appropriate delivery of employee notices/consent forms
- Oversee the data inventory and data mapping project in the U.S.
- Assist with internal U.S. data privacy audits
- Negotiate local and international data sharing agreements and assist with local and international contract analysis to ensure that data privacy and protection objectives are adequately addressed
- Manage Data Subject Access Requests (DSARs) and other requests from data subjects residing in the US region, including assisting Data Privacy Counsels on DSARs arising in other jurisdictions, where required
- Advise on the response to data privacy incidents in the USA, including corrective and preventative actions
- Assist with the drafting of Data Protection Impact Assessments (where required)
- Monitor implementation of data privacy recommendations made under Data Protection Impact Assessments.
SKILLS & QUALIFICATIONS REQUIRED:
- Juris Doctor from a recognized, accredited U.S. school.
- The ideal candidate must have 5+ years of significant experience with HIPAA/HITECH, U.S. state data privacy laws (law firm or in-house legal practice)
- The ideal candidate must have a deep understanding of, and a robust track record with, U.S. data privacy laws and regulations
- The ideal candidate must have familiarity with various state laws.
- The ideal candidate must have previous experience in contract drafting and negotiating, with experience in drafting of data privacy clauses.
- Must have a high level of organization and planning skills, with the ability to create plans and the diligence to follow through and monitor them through execution and completion
- Must be a team player
- Must have strong analytical skills
- Must have strong written and oral communication skills
- Must have the adaptability to embrace a dynamic and fast-paced environment
- Must be an active member of a bar association.
SKILLS & QUALIFICATIONS PREFERRED:
- CIPP/US certification through the IAPP
- IT security knowledge
COMPENSATION
The salary range is $120,000 to $195,000, depending on a combination of factors, including but not limited to education, relevant work experience, qualifications, skills, certifications, location, etc. This role is based out of the Milliman Seattle office, but candidates can work remotely anywhere in the US.
ABOUT MILLIMAN:
Independent for over 75 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world’s most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation.
Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance and financial services, and property and casualty insurance.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)