Healthcare Data Privacy Associate Attorney

Company nameBCG Attorney SearchExperience3-8 yrs requiredPosted onFeb 01, 2024Valid ThroughMar 02, 2024ProfileA law firm is seeking a Healthcare Data Privacy Associate Attorney to join its global Data Privacy, Cybersecurity, and Digital Assets Practice Group. The candidate will play a crucial role in advising clients on digital healthcare privacy, data protection, cybersecurity, and compliance strategies, while also actively participating in contract negotiations, M&A transactions, and incident response efforts.Duties:Assist and advise clients on digital healthcare privacy, data privacy, cybersecurity, and digital assets counseling and transactions.Lead or assume significant responsibility for projects, working directly with partners globally in the Data Privacy, Cybersecurity, and Digital Assets Practice Group.Conduct compliance gap assessments and implement remediation plans.Draft policies and procedures, including privacy policies, privacy statements, incident response plans, vendor contracting templates, and Data Processing Agreements (DPAs).Advise on contract and M&A negotiations.Assist clients in determining compliance risks and priorities, implementing data protection compliance, and developing information governance programs.Requirements:J.D. degree or equivalent.Admission to practice and in good standing in any U.S. state where a firm's office resides.4+ years of experience with meaningful knowledge of healthcare industry data privacy and security issues, including info blocking.Incident response experience is desirable.Digital healthcare and privacy experience are strongly preferred.Healthcare industry experience is necessary.Certifications:Certified Information Privacy Professionals (CIPP) are strongly preferred.Specific certifications required: CIPP-US, CIPP-EU, and CIPM.Skills:In-depth understanding of international, federal, state, and local privacy and security laws.Familiarity with technologies supporting compliance.Experience drafting privacy and security policies for compliance with FDA, FTC, State AG guidance, and various privacy laws such as HIPAA, GLBA, HITECH Act, CAN-SPAM, TCPA, COPPA, FCRA, FERPA, VPPA, Cable Act, Privacy Act, Cal-OPPA, Shine the Light, state breach notification, and security laws, US-EU and US-Swiss Privacy Shield, and state consumer privacy laws (CCPA/CPRA/CDPA/CPA).

#J-18808-Ljbffr