Privacy and Data Security Counsel - Real HR Hero - Thompson HR Consulting

Fair Chance Act, Fair Chance Ordinance, Fair Chance Initiative for Hiring Ordinance --

As required by law, all qualified candidates will be considered, whether they have arrest or criminal conviction records.  A criminal background check may be required for this job, and if the background check is required, you will likely be advised as to why it is required for the job you are seeking as part of the offer process. When required by law, an individual assessment of criminal records will be done to ensure a fair chance for all. This assessment will include but is not limited to reviewing the severity/relationship between the crime and the job, the time that has passed since the offense or conduct and/or completion of the sentence, and whether there is evidence of rehabilitation.
 
As an outsourced recruiting firm, we are not responsible or liable for the background check process or the response or actions of our clients related to background checks. Please seek guidance from the hiring company.

Come work for a company that makes a difference within the communities of the State of California. This company works on cutting-edge prevention programming, providing counties with an independent administrative and fiscal intergovernmental structure. Our client helps fund, develop, and implement California's mental health services and educational programs. 

As a mental health organization, this company actively seeks to support qualified disabled candidates in obtaining employment with their company and is an Equal Opportunity Employer.  Please complete the self-identification section of the application.

This company offers a VERY Generous Benefits Package, including:

• 10% company-sponsored retirement account (401a) 100% vested – additional compensation/retirement.
• Medical, Dental, Vision, LTD, Life Insurance, Wellness Program, FSA
• Generous PTO plan

Job Title: Privacy and Data Security Counsel
Salary: $185,000 - $210,000
Department: Contract Administration
Reports To: Senior Corporate Counsel/Director of Contracts
FLSA Status: Exempt
Location: Sacramento
Work Model: Hybrid
Schedule: Monday-Friday, 8am-5pm (Could vary depending on business needs)

JOB SUMMARY:

As the Privacy and Data Security Counsel, you will play a critical role in developing, implementing, and overseeing the company’s privacy and data security policies. You will ensure compliance with applicable laws and regulations, including HIPAA and other healthcare data privacy requirements. This role goes beyond traditional contract review, offering the opportunity to engage deeply in the configuration and implementation of EHR systems while driving privacy initiatives across the business. Additionally, this role will address privacy concerns and create policies specific to the integration of AI technologies and other applications, ensuring that AI’s usage complies with privacy laws and does not compromise data security. 

DUTIES AND RESPONSIBILITIES include but are not limited to:

•  Lead all privacy and data reviews engaging with EHR/Engineering and Program teams and ensuring compliance with applicable data and privacy laws, with a special focus on ensuring privacy standards are met within EHR configuration. 
• Develop and deliver comprehensive privacy policies to ensure compliance with U.S. privacy laws, including HIPAA and state-specific regulations (e.g., California Consumer Privacy Act). 
• Oversee and manage all data security and privacy matters across the organization, collaborating with Contracts, EHR, IT, product development, and operations teams to ensure that client privacy practices are aligned, consistent, and effectively support both internal departments and external stakeholders. 
• Provide legal guidance on data security and privacy risks, contract negotiations, and regulatory changes impacting EHR and IT systems. 
• Collaborate with subject matter experts to support configuration choices for EHR platforms and ensure privacy is embedded in every step of the process. 
• Develop and lead privacy-related training programs for stakeholders. 
• Serve as a trusted advisor for all internal stakeholders, with a business-wide perspective, to balance privacy and security with operational needs. 
• Respond to data breaches or privacy incidents and manage reporting and compliance with regulatory bodies, as needed. 
• Clearly explain contract information to stakeholders and other interested parties in simple, everyday language (Be the client subject matter expert on contract information). 
• Self-monitor progress and priorities according to key business priorities. 
• Proofread, edit, and fact-check legal documents for accuracy and consistency. 
• Assist in the identification, development, and implementation of contract policies and processes. 
• Ensure proper recordkeeping of contracts and applicable documentation. 
• Interact with stakeholders and vendors on various topics. 
• Provide general department support, including drafting, research, and policy support. 
• Stay abreast of emerging privacy laws and regulations regarding AI, providing the company with proactive solutions to maintain compliance and mitigate risk. 
• Lead the development of privacy policies concerning the use of AI and AI when integrated with other client systems or applications, ensuring adherence to data protection regulations. 
• Other Duties as assigned. 

QUALIFICATION
EDUCATION and/or EXPERIENCE: 

Requires a BS/BA and a law degree (JD) from an accredited US institution, admission in good standing to the California Bar, and five (5) years of relevant privacy & data security law experience, or an acceptable equivalent combination of education and experience. Prior experience in or knowledge of EHR platforms or healthcare IT systems is strongly preferred. 

To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. 

• Proven track record of developing and implementing privacy policies and training programs in a fast-paced environment. 
• Strong interpersonal skills with the ability to work cross-functionally and influence decision-making. 
• Self-motivated with a drive to take ownership of privacy initiatives and move projects forward. 
• Excellent interpersonal and communication skills, including the ability to effectively understand and explain legal terms and deliver presentations. 
• Knowledge of the range of applicable laws and regulations which impact client policy and its IT operations. 
• Knowledge of privacy regulations related to AI technologies and machine learning in healthcare. 
• Knowledge of current and developing legal issues and trends in area of expertise (contracts). 
• Proficiency with technology, particularly in Microsoft Word, Excel, Salesforce, DocuSign, and other software, applications, and corporate databases. 
• Detail-oriented and organized. 
• Demonstrates the ability to work independently, takes initiative, and finds ways to remain resourceful. 
• Has a strong desire to succeed in the face of adversity and demonstrates the willingness to push through challenges associated with changes and new business development. 
• Must be willing to work virtually or in an office setting. 
• Must be willing to travel, when necessary. 

 COMPUTER SKILLS – Demonstrate the ability to use Microsoft office suite (Outlook, Excel, Word, PowerPoint), Adobe, Google office suite, and other modern connectivity applications (Zoom, Slack, Asana) for daily internal communication.

LANGUAGE SKILLS and MATHEMATICAL SKILLS - Demonstrate the ability to read, comprehend, and respond appropriately through written or verbal form; demonstrate tactfulness when communicating, including internal communication with staff members of all levels; ability to communicate with a variety of audiences effectively. Ability to add, subtract, multiply, and divide in all measure units using whole numbers, common fractions, and decimals.

REASONING – Demonstrate the ability to effectively apply common sense and follow through to daily tasks; demonstrate the ability to work with little or no supervision; demonstrate excellent analytical skills; demonstrate the ability to efficiently conduct research and ask appropriate probing questions to complete necessary tasks.

PHYSICAL DEMANDS - The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is frequently required to sit and stand; use phone and headset; use hands, arms, fingers to type; answer phones; write; use calculator; demonstrate strength to lift and carry materials weighing up to 20 pounds; demonstrate clear vision to read printed materials and a computer screen; hearing and speech to communicate in person and over the telephone.

SENSORY DEMANDS - The incumbent must spend long hours in intense concentration. The incumbent must also spend long hours on the computer entering information which requires attention to detail and high levels of accuracy.

MENTAL DEMANDS - There are a number of deadlines associated with this position, which may cause significant pressure. The incumbent must also deal with a wide variety of people on various issues.

REGULAR WORK SCHEDULE – Varies depending on business needs; however, the company's regular business hours are 8:00 am to 5:00 pm, Monday – Friday.

Powered by JazzHR