Our client, a known leader in the healthcare recruiting space, is seeking a seasoned Privacy Manager to take ownership of a maturing enterprise privacy program. This position offers the opportunity to lead privacy initiatives across a complex, fast-moving organization with active M&A activity and evolving tech systems. The ideal candidate brings deep expertise in healthcare privacy and regulatory compliance, with hands-on experience conducting PIAs, managing data mapping, and overseeing rights requests. With strong internal support, this is a stable role for a strong privacy manager who is ready to stabilize, streamline, and scale an established program. This hybrid role requires on-site presence two days per week.
Job Responsibilities
- Advance Enterprise Privacy Capabilities
  - Proactively identify, assess, and prioritize privacy risks based on likelihood, impact, and control effectiveness. Develop scalable solutions to strengthen the organization’s privacy posture.
- Embed Privacy by Design
  - Lead Privacy Impact Assessments (PIAs) for internal tools, processes, products, and services. Collaborate with cross-functional teams to implement privacy-by-design and privacy-by-default principles.
- Manage Privacy Incidents and Requests
  - Oversee resolution of privacy complaints, data subject rights requests, and remediation efforts. Coordinate with legal and business stakeholders to ensure timely and compliant responses.
- Document and Communicate Risk
  - Create clear, actionable documentation of assessment findings, mitigation strategies, and progress updates for stakeholders and leadership
- Drive Privacy Awareness and Training
  - Develop and deliver engaging privacy training and communications to promote awareness, accountability, and compliance across the organization
- Monitor Compliance and Metrics
  - Track, analyze, and report on key privacy compliance metrics to inform decision-making and continuous improvement
- Optimize Privacy Technology
  - Manage and enhance the use of privacy platforms for automation, assessments, and reporting to improve efficiency and compliance
- Support Legal and Regulatory Activities
  - Assist with contract reviews, audits, regulatory inquiries, and data breach response efforts in collaboration with legal and compliance teams
- Influence Product Development
  - Partner with product and engineering teams to integrate privacy considerations into the development lifecycle
- Stay Ahead of Regulatory Change
  - Monitor evolving privacy laws, regulations, and industry trends to ensure the organization remains compliant and innovative
- Deep understanding of privacy laws and frameworks (e.g., GDPR, CCPA, HIPAA, etc.)
- Experience conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs)
- Knowledge of privacy-by-design and privacy-by-default principles
- Familiarity with data subject rights and incident response processes
- Experience with privacy compliance tools and platforms (e.g., OneTrust)
- Ability to assess and prioritize privacy risks based on impact, likelihood, and control strength
- Strong analytical thinking and problem-solving skills
- Ability to translate complex privacy concepts into clear, actionable guidance
- Strong cross-functional stakeholder management and consensus-building skills
- Proven ability to manage multiple privacy initiatives simultaneously
- Experience leading privacy programs/projects from planning to execution
- Bachelor's Degree plus significant work experience OR High School Diploma/GED plus extensive work experience
- Certifications: Certified Information Privacy Professional (CIPP) (Preferred)
- Certificate in Investment Performance Measurement (CIPM) (Preferred)
- Experience in privacy risk management/privacy program management, preferably in a healthcare or technology company