Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Boston Scientific Legal Director - US Privacy Data Protection 
United States, Massachusetts, Marlborough 
637400570

29.11.2024

US-MA-Marlborough; US-MN-Arden Hills; US-MN-Maple Grove

About the role:


Your responsibilities will include:

  • Advising business teams on the applicability and impact of various U.S. federal and state privacy laws that may have differential impact based on whether they operate as a covered entity, business associate, hybrid entity, or neither of the above
  • Managing outside counsel to support global business goals and ensure compliance with applicable U.S. federal and state laws and regulations
  • Fostering company compliance with global privacy and data protection laws and regulations as well as privacy and information security best practices and standards
  • Providing legal counsel and support in business development activities, including conducting due diligence, advising on privacy and data protection issues, facilitating transfer of legal responsibilities, assisting and advising on product development related issues as they arise, and directing outside counsel in assisting the Company with issues as needed
  • Identifying, implementing, maintaining and updating privacy policies and procedures in coordination with Global Compliance colleagues, the Legal Department, Global Security, R&D, Global Quality, all business units, Human Resources including the Group Health Plan, Corporate Analysis and Control and Information Systems; interacting with program and product management across Boston Scientific to provide direction and guidance on company-wide privacy and information security projects
  • Advising Human Resources department on content and implementation of data protection requirements of policies and procedures
  • In collaboration with Global Compliance colleagues, Human Resources, the Chief Information Officer, Global Security, and the Legal Department, assisting with the processes for receiving, managing, and appropriately responding to potential and actual security/privacy breach incidents, complaints related to privacy and security issues, and government authorities’ inquiries into the company’s privacy policies and procedures
  • Coordinating information privacy risk assessments, data audits, and implementation of recommendations resulting from same, including HIPAA Privacy and Security Assessments
  • Reviewing privacy and information security implications of proposed business changes, including of mergers and acquisitions, marketing, and outsourcing activities
  • Reviewing and advising business on drafts and approving data protection requirements in contracts in a variety of areas, including IT cloud service, application development, distributor data handling, consulting, non-disclosure, research, data use, clinical, business acquisitions and mergers, and other areas as needed to ensure business interests are protected
  • Structuring, negotiating, and drafting privacy, data protection, and business associate agreements, and assisting business and commercial counsel in reviewing data protection sections of software license agreements, master services agreements, professional services agreements, SOWs, and other types of commercial agreements
  • Facilitating the development of privacy and data protection training and educational materials tailored to specific business/functional needs and legal requirements
  • Assisting in maintaining third-party/vendor data management and compliance
  • Remaining current on privacy and data protection developments, new legislation/regulations, and competitive benchmarking
  • Managing appropriate policy and operational implementation of the requirements under HIPAA, including negotiation of Business Associate Agreements and development of related education

Required qualifications:

  • J.D. from an accredited university with admission to practice law in at least one state
  • Understanding of HIPAA and other applicable U.S. privacy and data protection laws and regulations (federal and state)
  • Advanced proficiency in the independent review of complex BAA agreements and strong contract drafting and negotiation skills
  • 7+ years of experience developing and implementing practical global privacy and data protection solutions, including policies, training and awareness programs, and communications

Preferred qualifications:

  • Experience working at a global/multi-national organization
  • Experience in the healthcare industry
  • Certification in one or more of the following:
    • International Association of Privacy Professionals certification: IAPP/US
    • Certified in Healthcare Privacy Compliance (CHPC) by the Health Care Compliance Association
  • Knowledge of industry standards affecting privacy and information security, such as NIST and ISO 27001/27002; privacy and/or security professional certifications (e.g., CIPP)
  • Strong communication, presentation, interpersonal, and project management skills
  • Ability to work independently and drive results
  • Proactive attitude and approach towards continuous improvement
  • Dedicated commitment to the highest standards of quality, integrity, ethics, and profession

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.