B. Braun Medical Inc., a leader in infusion therapy and pain management, develops, manufactures, and markets innovative medical products and services to the healthcare industry. Other key product areas include nutrition, pharmacy admixture and compounding, ostomy and wound care, and dialysis. The company is committed to eliminating preventable treatment errors and enhancing patient, clinician and environmental safety. B. Braun Medical is headquartered in Bethlehem, Pa., and is part of the B. Braun Group of Companies in the U.S., which includes B. Braun Interventional Systems, Aesculap® and CAPS®.
Globally, the B. Braun Group of Companies employs more than 64,000 employees in 64 countries. Guided by its Sharing Expertise® philosophy, B. Braun continuously exchanges knowledge with customers, partners and clinicians to address the critical issues of improving care and lowering costs. To learn more about B. Braun Medical, visit www.BBraunUSA.com.
B. Braun Medical Inc. has an opening for a Privacy Officer specializing in the areas of healthcare and/or technology.
Reports directly to the Chief Legal Officer and is responsible for managing risk related to information privacy laws and compliance regulations and for designing and implementing the privacy program for all B. Braun of America's businesses and functions
This role will have overall responsibility for the design, development, implementation and management of the company's privacy program for all business lines and functions operating in the U.S. and will be responsible for managing the day-to-day operations of the program including interpreting, implementing, and updating compliance policies
This position will be responsible for devising and implementing strategies to further the company's privacy compliance program; conducting and communicating enterprise-wide risk assessments; and leading privacy training initiatives
Works with senior organization management, security, and corporate compliance officer to establish governance for the privacy program
In-depth knowledge of international, federal and state privacy laws (including EU GDPR, HIPAA, CCPA, and other emerging laws), best practices, frameworks, and self-regulatory models in the U.S. and abroad, including data protection, data retention, data security, and data breach/notification rules
Experience advising business, technology and information security teams on privacy issues in connection with the development of products, platforms, services and other initiatives involving the collection and use of personal information
Experience counseling on transaction-related privacy and information security issues, such as third-party data sharing agreements and other third-party activities to address privacy-related matters and/or concerns
Track and advise on legal, regulatory and policy developments relating to data collection and use, tracking and analytics, advanced advertising, and related issues to ensure organizational adaptation and compliance
Ability to learn different technologies and solutions created and/or used by company, advise on the specific privacy requirements associated with these technologies and solutions, and to strategically navigate complex privacy issues and identify tangible solutions
Review and assist in developing privacy controls with respect to privacy impact assessments, including privacy-related notices, policies, guidelines, standards and processes
Strategic Partner: Serves as a trusted strategic partner with business units, providing practical advice and alternative solutions to business issues
Business Acumen: Understanding of basic business concepts, strategies, and risks
Analytical Skills: Excellent judgment, strategic and analytical thinking and the ability to assess risk and mitigations and make recommendations based on the company's values, vision, business goals and risk appetite
Innovation: Strong problem-solving/creative skills that drive new business solutions
Project Management: Strong priority-setting skills, attention to detail and the ability to work on multiple projects at the same time
Communication: Excellent verbal and written communication skills to allow effective interaction with all levels of the organization
Growth Mindset: Possesses a growth mindset with a passion for learning new things
Collaboration: Ability to thrive in a team environment
Diversity & Inclusion: Fosters a diverse and inclusive workplace that enables all participants to contribute to their full potential in pursuit of organizational objectives
Healthcare Privacy: Certified in Healthcare Privacy and Security (CHPS); Experience advising healthcare providers and suppliers on federal and state laws governing health information, general privacy and security laws, data protection due diligence, cyber incident response, data breach notification as well as regulatory matters (e.g., healthcare fraud and abuse, reimbursement, licensure)
Healthcare Compliance: Certified in Healthcare Privacy Compliance (CHPC); Knowledge of Anti-Kickback laws, False Claims Act, Foreign Corrupt Practices Act, Physician Payments Sunshine Act, HIPAA, and FDA regulations
Certified Information Systems Security Professional (CISSP)
Responsibilities: Essential Duties
Responsible for the strategy, design, development, implementation, maintenance, and oversight of the privacy compliance program for the Company.
Advises on specific privacy requirements, including those relating to healthcare such as HIPAA, other US federal privacy laws such as FTC, state privacy laws such as California Consumer Privacy Act, EU privacy laws such as GDPR, and other applicable and emerging privacy-related laws.
Performs initial and periodic information privacy risk assessments and conducts related ongoing compliance monitoring activities in coordination with the entity's other compliance and operational assessment functions.
Works with senior organization management, security, and corporate compliance officer to establish governance for the privacy program.
Collaborates across many functions, countries, cultures, and time zones to drive results on complex projects.
Supervision Given and Received:
Directs the activities of functional area.
Determines actual organizational structure and allocation of resources.
Expertise: Knowledge & Skills
Requires breadth of organizational, professional field, and industry knowledge.
Ability to integrate critical information from several diverse areas.
JD Degree with strong academic credentials required.
Admission to at least 1 US state bar or the District of Columbia.
10+ years' experience within information privacy in a legal or compliance role required.
CIPP, CHPC or similar certification, or sufficient demonstrated experience and/or formal education in Privacy and Compliance required.
Occasional business travel required. Valid driver's license and passport.
While performing the duties of this job, the employee is regularly required to sit and talk or hear. The employee frequently is required to use hands to handle or feel and reach with hands and arms. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 20 pounds.
B. Braun offers an excellent benefits package, which includes healthcare, a 401(k) plan, and tuition reimbursement. To learn more about B. Braun and our safety healthcare products or view a listing of our employment opportunities, please visit us on the internet at www.bbraunusa.com.
Through its “Sharing Expertise®” initiative, B. Braun promotes best practices for continuous improvement of healthcare products and services.