Based in Hartford, CT, this attorney position will be part of the Enterprise Transaction, Intellectual Property and Privacy Law Group, which handles privacy, intellectual property, digital commerce, contracts and M&A for The Hartford.
In particular, the position will be responsible for supporting The Hartford's corporate Privacy Law and Information Protection functions and the Contract Center of Excellence as well as other group matters as needed. The attorney will routinely interact with management, business people, compliance and in-house and outside counsel.
The position is responsible for supporting The Hartford’s Privacy Law Unit, Information Protection Group and Enterprise Transactions Unit and ensuring that The Hartford’s businesses are apprised of and compliant with applicable cybersecurity and privacy laws through various means, and drafting and negotiating enterprise contracts consistent with company policy and best practices, including:
- Providing legal advice on cybersecurity incidents, and working with corporate partners to prepare for and respond to cyber and other information incidents.
- Providing legal advice to ensure practices with regard to personal information of customers and employees comply with applicable domestic and international information security and privacy laws and regulations including GLBA, HIPAA, FCRA, GDPR, CCPA, and other state privacy laws.
- Drafting, reviewing and negotiating cyber security and privacy contractual provisions for business transactions, including vendor, service provider and customer contracts;
- Drafting, reviewing and negotiating enterprise contacts, including vendor and service provider contracts;
- Advising on security and privacy-related technology issues, including the use of online websites and advertising, social media, and mobile applications in compliance with applicable laws and regulations.
- Developing and updating U.S. and international cybersecurity and privacy standards based on developments in privacy and other applicable laws;
- Representing Privacy Law on business projects across the enterprise to ensure that the company is maintaining a consistent interpretation of applicable cyber and privacy laws,
- Representing The Hartford on various industry committees and groups related to cyber and privacy law developments,
- Serving as a subject matter expert with respect to cyber and privacy training and awareness,
- Seek out opportunities to improve legal outcomes and internal/external processes based on legal or other trends and developments.
- Juris Doctor (J.D.) with 3-6 years of experience in a law firm or in-house law department working on privacy and cybersecurity issues (some in-house experience preferred).
- CT Bar License or CT in-house certification required, or must be subsequently obtained as required by Connecticut bar rules.
- Proven experience:
Communicating effectively with clients and/or law department management on complex legal issues.
Resolving legal issue presented and identifying and suggesting resolution of broader business problem.
Working independently as well as part of a team to deliver results
Working knowledge of federal, state and international privacy laws including at least the following: GLBA, FCRA, HIPAA, HITECH, GDPR, CAN-SPAM.
Counseling others on cybersecurity and privacy law issues.
Other desired traits:
- Strong analytical and critical thinking skills.
- Sound judgment and decision-making skills.
- Strong verbal and excellent written communications skills
- Knowledge of insurance legal and compliance issues
Behaviors at the Hartford
- Deliver Outcomes – Demonstrate a bias for speed and execution that serves our shareholders and customers.
- Operate as a Team Player – Work together to drive solutions for the good of The Hartford.
- Build Strong Partnerships – Demonstrate integrity and build trust with others.
- Strive for Excellence – Motivate yourself and others to achieve high standards and continuously improve.