Healthcare Data Privacy Associate Attorney

A law firm is seeking a Healthcare Data Privacy Associate Attorney to join its global Data Privacy, Cybersecurity, and Digital Assets Practice Group. The candidate will play a pivotal role in advising clients on digital healthcare privacy, data protection, cybersecurity, and compliance strategies. The position involves working directly with partners worldwide, leading projects, and ensuring regulatory compliance in the healthcare industry.

Duties:

• Assist and advise clients on digital healthcare privacy, data privacy, cybersecurity, and digital assets counseling.
• Develop and implement global compliance strategies for privacy, data protection, international data transfers, and cybersecurity.
• Lead or significantly contribute to projects, interface directly with clients, and conduct compliance gap assessments.
• Draft various documents, including privacy policies, privacy statements, incident response plans, and vendor contracting templates.
• Advise on contract and M&A negotiations related to healthcare data privacy and security.
• Assess compliance risks and priorities for clients, implementing data protection compliance and information governance programs.
• Stay updated on industry regulations and guidance, especially FDA, FTC, and State AG regulations, GLBA, HIPAA, HITECH Act, and other relevant laws.

Requirements:

• J.D. degree or equivalent.
• Admission to practice and in good standing in any U.S. state.
• 4+ years of experience with a focus on healthcare industry data privacy and security issues.
• Incident response experience is desirable.
• Digital healthcare and privacy experience are strongly preferred.
• Certified Information Privacy Professional (CIPP) certifications are strongly preferred (CIPP-US, CIPP-EU, CIPM).
• In-depth understanding of international, federal, state, and local privacy and security laws.
• Familiarity with technologies supporting privacy and security compliance.

Education:

J.D. degree or equivalent.

Certifications:

Certified Information Privacy Professional (CIPP-US, CIPP-EU, CIPM) strongly preferred.

Skills:

• Strong knowledge of healthcare industry data privacy and security issues.
• Legal expertise in compliance with FDA, FTC, State AG guidance, GLBA, HIPAA, HITECH Act, and other relevant laws.
• Proficient in drafting privacy and security policies and procedures.
• Excellent communication and negotiation skills.
• Ability to lead or contribute significantly to global projects.
• Familiarity with international data transfers and cybersecurity best practices.

Experience:

4+ years of relevant experience in healthcare industry data privacy and security issues.

The Phoenix office of this very large firm offers a full range of legal services in many practice areas, including corporate, litigation, environmental, employment, real estate, intellectual property, and other types of law. The firm has offices around the world, and it has an impressive client list that includes many large national and international corporations. Associates receive significant formal and informal training as well as meaningful feedback on their work. The firm tries to give all attorneys interesting assignments in practice areas of their choice. A strong commitment to pro bono work is also present, and the firm handles a large number of pro bono matters for individuals and organizations.