Data Protection Officer

Role Overview: As an experienced professional in Privacy, Compliance, or Information Governance, your role as a Strategic Leader will involve serving as the executive-level Privacy Subject Matter Expert (SME) to the Operations Committee and Audit/Compliance Committees. You will be responsible for aligning privacy strategy with organizational digital transformation initiatives. Key Responsibilities: - Conducting Privacy Impact Assessments (PIAs), Vendor Risk Assessments, and managing Breach Notification workflows. - Overseeing the development and execution of Data Subject Rights (DSR) processes (access, rectification, deletion, portability). - Owning and optimizing policies, procedures, and standards for handling PHI, ePHI, PII, claims data, and financial health information. - Collaborating with various teams like Information Security, Software Development, Legal, Clinical, Marketing, Finance, Claims, Customer Service, and HR to embed privacy by design and by default. - Managing incident response investigations for privacy breaches, reporting findings, and coordinating with external regulators if needed. - Developing and managing the annual Privacy Program budget, ensuring optimal allocation of resources to high-risk areas. - Leading privacy initiatives and technology implementations through formal project management practices, delivering on time, within scope, and within budget. Qualifications Required: - Bachelors degree in Engineering, Healthcare Administration, Information Security, or related field mandatory. - Advanced Degree/certification (DCDPO, DCPLA, CIPP/US, CIPP/E, CIPP/M) highly preferred. - CISSP, HCISPP, or equivalent security/privacy certifications advantageous. - Minimum 12 - 15 years of progressive experience in Privacy, Compliance, or Information Governance. Functional Skills Required: Functional Skills required for this role include hands-on experience managing multi-jurisdictional data privacy programs and privacy incidents, familiarity with cloud platforms (AWS, Azure, GCP), mobile health apps, digital front doors, and HealthTech innovations. Prior experience dealing with regulatory investigations will be preferred.,