Healthcare Data Privacy Associate Attorney

A law firm is seeking a Healthcare Data Privacy Associate Attorney to join its global Data Privacy, Cybersecurity, and Digital Assets Practice Group. The candidate will play a crucial role in advising clients on digital healthcare privacy, data protection, cybersecurity, and compliance strategies while collaborating with partners worldwide.

Job Details:

• Advise clients on digital healthcare privacy, data privacy, cybersecurity, and digital assets counseling and transactions.
• Lead or significantly contribute to global compliance strategies regarding privacy, data protection, international data transfers, and cybersecurity.
• Work on incident response and defense of regulatory actions, including carrying out compliance gap assessments and implementing remediation plans.
• Draft policies and procedures such as privacy policies, privacy statements, incident response plans, vendor contracting templates, and DPAs (Data Processing Agreements).
• Provide guidance on contract and M&A negotiations related to data privacy and security.
• Assist clients in determining compliance risks and priorities, implementing data protection compliance, and developing information governance programs, with a focus on the healthcare industry.
• Utilize healthcare industry experience to address specific compliance challenges and nuances.

Requirements:

• J.D. degree or equivalent.
• Admission to practice and in good standing in any U.S. state where a firm office resides.
• 4+ years of relevant experience, with a strong understanding of healthcare industry data privacy and security issues.
• Incident response experience is desirable.
• Digital healthcare and privacy experience are strongly preferred.

Certifications:

Certified Information Privacy Professional (CIPP) certifications are strongly preferred, including CIPP-US, CIPP-EU, and CIPM.

Skills:

• In-depth knowledge and experience in drafting privacy and security policies for compliance with various regulations and guidelines, including FDA, FTC, State AG guidance, FIPPs, GLBA, HIPAA, HITECH Act, CAN-SPAM, TCPA, COPPA, FCRA, FERPA, VPPA, Cable Act, Privacy Act, Cal-OPPA, Shine the Light, state breach notification and security laws, US-EU and US-Swiss Privacy Shield, and state consumer privacy laws (CCPA/CPRA/CDPA/CPA).
• Working understanding of international, federal, state, and local privacy and security laws and technologies to support compliance.

Experience:

4+ years of experience with meaningful knowledge of healthcare industry data privacy and security issues to join the U.S. team of the global Data Privacy, Cybersecurity, and Digital Assets Practice.

This large firm has a diverse, full-service practice that includes many types of litigation and transactional law. It is also known for its expertise in representing its clients' interests in state and federal legislative matters, and the firm is well connected politically. The firm is known for treating its associates as respected members of a team, and prospects for partnership are good. The number of associates hired is limited, so all of them have an opportunity to become partners, and they are able to cooperate, rather than compete with each other.