Associate Senior Counsel, Privacy

Experienced privacy attorney will support the Office of Privacy and Innovation Governance, reporting to the Chief Privacy Counsel.

This role will counsel on matters related to privacy, cybersecurity, data use, and technology matters, and partner closely with IT, Cigna Information Protection, Procurement, Data & Analytics, Sales, Account Management, and Internal Audit.

This role requires expertise in HIPAA, state and federal privacy laws, data use regulations, and breach notification laws; seasoned judgment; diplomacy; exceptional communication skills; and a demonstrated ability to proactively identify and resolve issues.

Key Responsibilities :


* Provide legal advice and leadership for data loss incident preparation and incident response.


* Provide counsel related to advanced and cutting-edge data use and acquisition, as well as data mapping, classification, and related data management and governance.


* Manage complex legal issues and risk related to data analytics, AI, de-identification, and use of nascent and emergent technologies.


* Support the privacy, security, and data protection aspects of relationships and contracts with technology companies, "switch" vendors, HIEs, EMRs, app developers, and data aggregators.


* Interpret and apply privacy and data protection law and contractual requirements to a wide variety of business initiatives, such as (i) the development of clinical programs for patients and plan members; (ii) communications to providers and patients; (iii) policy development; (iv) collaboration and data exchange between affiliated and outside entities; and (v) digital initiatives such as website, email, text, social media, mobile apps, etc.


* Negotiate privacy and data use provisions, consistent with the company's strategy and goals.


* Collaborate with other attorneys in the Legal Department as a subject matter expert.


* Stay abreast of, and communicate clearly and succinctly to non-lawyers, changes to or developments in privacy and data protection laws and regulations and their impact on business operations.


* Apply sound business judgment to the provision of legal advice and continuously look for opportunities to improve service.

Qualifications:


* Juris Doctor required.


* 6-8 years healthcare regulatory compliance experience, in-house privacy experience at a large, matrixed healthcare company preferred.


* Deep understanding of HIPAA, state and federal privacy laws, data use regulations, and breach notification requirements.


* Extensive experience assessing and mitigating legal risks associated with privacy and data governance, cybersecurity, data and digital transactions, and consumer experience.


* Demonstrated ability to work collaboratively with cross-functional teams and provide clear, concise, and actionable legal guidance.


* Strong contract negotiation skills.


* Highly collaborative individual with the ability to influence others and build st...