Description:

We are seeking an experienced and highly motivated in-house counsel with a minimum of 7 years experience specializing in privacy and data security matters to join our legal team. The ideal candidate will have expertise in handling high-stakes matters, including HIPAA, HITECH, federal and state privacy laws, and TCPA; developing and implementing privacy policies, conducting training, investigating breaches; reviewing IT contracts, licensing agreements from a privacy perspective, and an understanding of corporate governance. As a key legal advisor, along with business savvy and exceptional communication skills, you will provide strategic legal counsel to the executive team and other business units, ensuring that all transactions align with the company's objectives and comply with relevant laws and regulations.

Responsibilities:
Develop and Maintain US Privacy Program:

Design, implement, and continuously update the company's US privacy program in line with federal and state privacy laws and regulations.
Develop, draft, revise, implement and maintain privacy-related policies and procedures.
Ensure that all policies are up to date with the latest privacy laws, regulatory requirements and best practices.
Conduct risk assessments and internal audits to identify and mitigate potential privacy issues.
Work closely with business leaders to ensure that all transactions and privacy concerns comply with relevant laws and regulations, including securities law, antitrust law, and industry-specific regulations.

Provide Privacy Guidance:

Advise internal stakeholders on privacy matters on various issues, including but not limited to, Health Insurance Portability and Accountability Act (HIPAA), HITECH, federal and state privacy laws, TCPA, investigating breaches, and reviewing IT contracts and licensing agreements.
Provide practical guidance and innovative solutions for privacy issues.
Monitor and analyze changes in privacy laws and regulations and communicate their impact on the organization.

Education and Training:

Design and deliver training programs for employees on privacy matters, including HIPAA, breaches, and patient privacy laws.
Serve as a resource for employees on privacy related inquiries and issues.

Investigate, Document, and Report:

Lead investigations into breaches, prepare reports, and recommend corrective actions.
Prepare and maintain documentation related to privacy activities, including reports to senior management and regulatory bodies.
Ensure accurate and timely reporting of any privacy issues or breaches to appropriate authorities.

Liaison with Regulatory Authorities:

Serve as the primary contact for regulatory agencies and manage all communications regarding privacy matters and breaches.
Ensure the organization's timely response to any regulatory inquiries or investigations.
Coordinate and manage external legal counsel as necessary, ensuring cost-effective and high-quality legal services.

Cross-Functional Collaboration:

Work closely with the legal, finance, operations, marketing, and business development teams to ensure that business practices align with privacy requirements.
Conduct training sessions for staff on privacy laws and best practices; Provide training and mentorship to junior legal staff, fostering a culture of continuous learning and professional development.
Support the organization in navigating regulatory environments and achieving business objectives.
Identify potential legal risk and develop strategies to mitigate risk on privacy and data security matters for the US, in conjunction with our European team members and global policies.
Manage and provide counsel regarding company governance matters, including parent‑subsidiary structure, director and officer appointments, and compliance with by-laws and operating agreements

IT, Technology, and Data Processing Agreements:

Draft, review, and negotiate IT contracts, software license, technology, data processing and transfer agreement, ensuring protection of intellectual property and compliance with licensing terms and applicable regulations and legislation.

Collaboration and Communication:

Collaborate with cross-functional teams, including Finance, Tax, Operations, HR, IT, Compliance, and Business Development to address legal issues, support business initiatives, and ensure seamless execution of transactions.
Communicate effectively with internal and external stakeholders, providing clear and concise legal advice and updates on compliance and transaction matters.
Provide other legal advice and counsel as needed.
Assume responsibility for other legal projects as needed.

Qualifications:

Juris Doctor (JD) degree from an accredited law school.
Active bar membership in good standing in New Jersey or New York.
A minimum of 10 years of experience in combination of data privacy and transactional law.
Subject matter expert in state local consumer data privacy legislation, HIPAA, HITECH and state privacy laws.
Certified Information Privacy Professional (CIPP) or similar certification is a plus.
Familiarity with EU GDPR is plus.
Proven expertise in the areas outlined above.
Excellent analytical, drafting, and negotiation skills.
Strong interpersonal and communication skills.
Ability to provide practical and business-oriented legal advice.
The successful candidate will have a keen ability to provide practical advice and weigh legal risk against business needs and realities.
Strong organizational skills with the ability to manage multiple priorities and deadlines