As a core part of the Corporate Compliance Department, MSKs Privacy team is committed to safeguarding the privacy of our patients information and to promoting the highest standards of ethics and integrity in all we do. We work closely with our colleagues across departments to help MSK achieve its overall mission of conquering cancer.
We seek an experienced Privacy attorney to join our team in advising our internal clients on privacy law and policy, supporting institutional strategic initiatives, day to day clinical and business operations, and research matters.
Expertise in advising clients on GDPR and other global privacy frameworks, as well as experience with HIPAA and state privacy laws related to health information.
Demonstrated knowledge of US privacy and data protection laws such as CCPA, COPPA, and a keen understanding of the changing landscape of US privacy laws, including emerging comprehensive state privacy laws (e.g., Virginia, Colorado).
Experience implementing the practical requirements of data privacy laws, including individual data subject rights and requirements for de-identification and data anonymization.
Understanding of technology, marketing and ad tech, and experience advising clients on digital consumer privacy and protection (including, e.g., TCPA, CAN-SPAM, etc.) strongly preferred.
Familiarity with regulatory requirements for Human Subjects Research preferred.
An established track record of translating regulatory requirements into practical and impactful elements while supporting business strategy.
Ability to skillfully maneuver through complex policy, process, and people-related organizational dynamics.
A Juris Doctorate (JD) and a minimum of 5 years of direct experience advising clients on privacy law either at a law firm or as part of an in-house legal or compliance team.
Licensed to practice in NYS or eligible for in-house registration.
Serve as subject matter expert to business teams across MSK and advise on key legal questions related to privacy by developing a strong understanding of the business areas, performing thorough legal research as needed, and communicating timely and effective advice.
Lead negotiation of HIPAA Business Associate Agreements with MSKs IT and supply chain vendors.
Advise other members of the MSK legal team on data privacy laws and collaborate on transactions led by those team members.
Provide legal guidance to other members of the Compliance team in their management of privacy-related inquiries from patients and staff.
Collaborate with departments across the organization, including clinical, research, hospital administration, IT, procurement, and Information Security departments to develop and enhance policies governing MSKs use of personal data (PHI, PII).
Apply your expert knowledge of domestic and global privacy frameworks to proactively identify and address issues that may impact compliance with the law and MSK policy.
Stay abreast of new domestic and global privacy and data protection requirements and assess their impact on existing operations and strategic plans.
At Memorial Sloan Kettering (MSK), we’re not only changing the way we treat cancer, but also the way the world thinks about it. By working together and pushing forward with innovation and discovery, we’re driving excellence and improving outcomes. For the 28th year, MSK has been named a top hospital for cancer by U.S. News & World Report. We are proud to be on Becker’s Healthcare list as one of the 150 Great Places to Work in Healthcare in 2018, as well as one of Glassdoor’s Employees’ Choice Best Place to Work for 2018. We’re treating cancer, one patient at a time. Join us and make a difference every day.