Privacy Officer at Flatiron Health
We're looking for a Privacy Officer to help us accomplish our mission to improve lives by learning from the experience of every cancer patient. Here's what you need to know about the role, our team and why Flatiron Health is the right next step in your career.
What You'll Do
In this role, you'll work with the Legal, Privacy & Compliance team to oversee all activities related to the development, implementation, oversight, and continuous improvement of Flatiron’s policies and procedures regarding the privacy of personal information (including PHI), particularly in the context of clinical research, in compliance with international, federal and state laws and regulations.
Reporting to the General Counsel, you'll build out Flatiron’s privacy framework, plans and strategic direction for protecting Flatiron’s data assets, program compliance monitoring, incident and breach investigation and tracking, and compliance with applicable privacy laws and regulations. In addition, you'll:
- Deliver or ensure delivery of privacy and related trainings to all employees, contractors, and other appropriate third parties. Initiate, facilitate and promote activities to foster a company-wide culture of information privacy awareness and compliance
- Collaborate closely with the security, engineering and other business teams to build in privacy safeguards and ensure awareness of best practices on privacy and data security issues
- Develop and implement policies and procedures for responding to privacy incidents and privacy breaches including, without limitation, investigation of and response to such events and appropriate notification of clients, affected individuals and government agencies
- Assist with negotiation of agreements related to data privacy and advise on the regulatory implications of Flatiron’s products and services
- Participate in the development, implementation, and ongoing compliance monitoring of vendors for compliance with privacy- and data security-related policies and legal requirements
- Perform periodic risk assessments and conduct related ongoing compliance monitoring activities to evaluate the potential risks associated with privacy-related policies, procedures and practices
- Oversee and optimize compliance with privacy practices and consistent application of sanctions for failure to comply with privacy policies for all staff and vendors, in cooperation with People Operations, Security, Quality and Legal, as applicable
- Maintain current knowledge of applicable privacy-related state, federal and international laws and regulations and associated best practices, advise stakeholders on potential impact, and ensure organizational compliance
- Represent Flatiron in interactions with external stakeholders, including governmental bodies and media, with regard to Flatiron’s privacy position and efforts
Who You Are
You're a collaborative Privacy Officer with 10+ years of experience creating and implementing privacy programs, including experience with the privacy implications of research activities, in the academic medical center, health system and/or private practice settings. You're excited by the prospect of rolling up your sleeves to tackle meaningful problems each and every day. You’re a kind, passionate and collaborative problem-solver who seeks and gives candid feedback, and values the chance to make an important impact.
- You have a deep understanding of federal, state and international information privacy laws, including but not limited to HIPAA, HITECH, Common Rule, Privacy Shield and GDPR, and an in-depth understanding of data aggregation and de-identification
- You have excellent judgment and a principled, practical, collaborative and solutions-oriented approach to problem-solving
- You have the ability to provide sound, clear and succinct recommendations and analysis to senior stakeholders, legal and business teams
- You have demonstrated organization, facilitation, communication, presentation and people management skills
- You have the ability to multitask, work under tight time pressures, prioritize work, and react quickly to changing business needs and demands, all in a fast-paced, high-growth business environment
If this sounds like you, you'll fit right in at Flatiron.
- You have a Juris Doctor degree
Why You Should Join Our Team
A career at Flatiron is a chance to work with everyone involved in the future of cancer care and research—all under one roof. Researchers, data scientists, designers, clinicians, technologists and many more all work together to improve cancer care and accelerate research.
At Flatiron, we strive to build and maintain an environment where employees from all backgrounds are valued, respected and have the opportunity to succeed. You'll also find a culture of continuous learning, broad and inclusive employee support offerings, and a commitment to supporting our team members in all aspects of their lives—at home, at work and everywhere in between. We offer:
- Flatiron University training curriculum which includes presentation skills, meeting mastery, coding languages and more
- Career coaching opportunities
- Hackathons for all employees (not just our engineers!)
- Professional development benefit for attending conferences, industry events and external courses
- Work/life autonomy via flexible work hours and flexible paid time off
- Generous parental leave (16 weeks for either parent)
- Back-up child care
- Flatiron-sponsored fitness classes
Flatiron Health is proud to be an Equal Employment Opportunity employer.
We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.