Job title - Privacy Administrator
Job Location – Colorado Springs CO
Length – Contract (6 Months+)
The Privacy Administrator in conjunction with the business Privacy Officer is responsible for implementing corporate-wide privacy and data protection principles, policies and practices within the business unit.
The Privacy Administrator will work with the business Privacy Officer to coordinate all business unit activities associated with privacy, as well as monitoring all of the business unit products, services and systems to assure appropriate privacy practices.
The Privacy Administrator will apply its knowledge of US privacy laws and regulations and act as privacy consultant to the business throughout the lifecycle of medical products and health services.
• Act as onsite implementer and coordinator for deployment and adherence to corporate policies in privacy, security, and confidentiality
• Conduct privacy impact assessments to help business assess and mitigate risks related to processing personal data
• Assist business in implementing privacy and data protection requirements throughout the lifecycle of medical products and health services, including Privacy by Design architecture
• Work Cross functionally with multi-discipline groups on privacy matters
• Assist Privacy Officer with application of compliance with applicable privacy and security requirements
• Support Incident, Event and Complaint management in privacy issues
• Keep up-to-date with new or revised government healthcare laws and regulations pertaining to patient privacy to determine if new policies or modifications of current policies are needed
• Work with Corporate Legal to address privacy elements within customer contracts
• Assist in delivery of privacy training and awareness
• Conduct ongoing compliance monitoring and report on privacy metrics
• Good verbal and written communication skills
• Strong technical skills (application and operating system hardening, vulnerability assessments, security audits, intrusion detection systems, firewalls, etc.)
• Strong knowledge and understanding of technology-related law and public policy experience, clinical research and related issues
Professional Certification or Experience:
Certified International Privacy Professional Certification or equivalent preferred
• Minimum 3 or more years’ experience in legal, privacy, compliance and regulatory areas, preferably in the medical device industry
• Familiarity with GDPR/EU 95/46, ePrivacy Directive, FDA and FTC regulations, Dutch Data Protection Directive, HIPAA, PIPEDA, US Patriot Act, British Columbia Act 73, Breach Notification laws, ISO and other standards bodies and international standards
• Bachelor’s degree in technical/privacy or regulatory/legal area, JD preferred
• Familiar with network, system, and telecommunication security
• Proven technical writing and oral presentation skills.
APN Software Service INC