Data Privacy Engineer

About The Position

Requirements

• Bachelor’s or Master’s in Information Security, Engineering, or a related field.
• 5 years of experience in privacy engineering, privacy operations, governance or data management.
• Strong understanding of privacy regulations, including HIPAA’s Privacy and Security Rules.
• Excellent communication and relationship skills.
• Ability to apply privacy expertise to Company products and services to improve privacy strength and measure impact.
• Can identify and drive solutions for privacy issues that have a positive impact on risk reduction or business enablement.
• Strong knowledge of data governance frameworks, quality, and compliance standards.
• Experience automating Privacy Impact Assessment workflows.
• Strong analytical and problem-solving skills with attention to detail.
• Strong understanding of state privacy laws, GDPR, and other global privacy laws.
• Hands-on experience working with privacy risk assessment tools and frameworks.
• Skilled in risk identification, assessment, and mitigation.

Nice To Haves

• Project management experience with the ability to coordinate working groups and timelines is a plus.
• Experience with translating legal requirements into technical workflows.
• Preferred certifications: CISSP-Privacy, CDPSE (ISACA), IAPP, NIST Privacy Framework training

Responsibilities

• Lead HIPAA Privacy rule implementation projects. Provide subject matter expertise on HIPAA Security rule implementation.
• Help lead implementation of Company’s Privacy by Design program, conduct privacy impact assessments and reviews of products and processes impacting personal information.
• Contribute to development and update of Privacy policies, procedures, and guidelines, as well as the processes that implement them.
• Review and develop reports to assess the effectiveness of privacy policies and processes.
• Coordinate with business units on expansion of tooling and improvement of privacy controls that impact data privacy.
• Assist in the development and execution of the Company privacy program roadmap, including privacy risk assessments.
• Provide oversight for the privacy components of Company’s data mapping, minimization, inventory processes.
• Contribute to AI governance efforts, ensuring privacy requirements are met across all AI technologies.
• Govern patient rights processes under HIPAA and Data Subject Access Rights process as necessary under state law.
• Assist in building privacy requirements into the Vendor onboarding process, and conduct privacy review of vendors.
• Assist in incident response, including conducting four factor HIPAA analysis, state law analysis as necessary, and monitoring mitigation and remediation activities to completion.
• Other duties as assigned

Benefits

• Medical, Dental, and Vision plans
• Flexible Spending/Health Savings Accounts
• Flexible PTO
• 401(k) + Company Match
• Life Insurance, Pet insurance, and more