Health Information Privacy and Data Protection Manager
Employment Type: Full-Time
* Bachelor's degree or equivalent practical experience in information technology, business, healthcare or biology-related field.
* 10 years of experience working with US and European data privacy and information security standards and regulations
* Experience in health information privacy
* Experience working with product management and development teams to implement privacy controls in products, solutions and processes
* Master's degree, Juris Doctor or other advanced degree, or related work experience
* CISSP, Security+ or other information security certifications
* CIPP/CIPM/CIPT/ISEB or other data privacy certifications
* Experience with HIPAA Privacy & Security Rules, GDPR, CCPA, ISO 27001, ISO 27018, HITRUST and/or NIST 800-53
* Consulting or advisory experience on privacy matters (internal or external clients)
* Experience in research organizations, a start-up or consumer healthcare organization
About the job
As the Health Information Privacy and Data Protection Manager, you'll work alongside other members of the Health Information and Data Protection team to ensure compliance of Google Health and its products with information governance standards, data protection and data privacy standards and regulations.
You will support the development of software by providing Information Governance domain expertise during all stages of product delivery, interacting with teams across Product, Quality, Risk & Safety, Deployment, and Infrastructure Security. You will provide input into the delivery of data protection, privacy, statutory and regulatory compliance, and identify areas of risk and exposure associated with information governance.
Google Health has made major advances in healthcare research, such as detecting eye disease more quickly and accurately than experts, planning cancer radiotherapy treatment in seconds rather than hours, and working to detect patient deterioration before it happens with electronic records.
Fundamental research is at the core of Google Health - the multidisciplinary team collaborates with partners to publish novel research in renowned scientific journals. They then work to apply this research to the medical field, whether through Streams, our clinical assistant app, or other clinical hardware and products developed in Google. Working alongside colleagues across Google, you'll help make this vision a reality.
* Ensure products and company protocol comply with applicable health information privacy regulations, standards and internal policies and procedures, including managing compliance with HIPAA, CCPA (and other state privacy laws) and GDPR
* Develop and review privacy policies and procedures for Google Health, in line with regulator requirements
* Help implement and operationalize new and existing policies and procedures for assigned Google Health line of business, including developing and delivering targeted privacy training and raising awareness of privacy best practices throughout your assigned line of business and Google Health
* Support the appropriate and secure use and disclosure of personal information through the performance of privacy reviews, privacy impact assessments and other activities designed to assess compliance
* Implement and support privacy-by-design activities for assigned applications, products and solutions