Senior Privacy Counsel, US & Canada Privacy Leader in Chicago, IL

View All Manufacturing & Automotive jobs


Manufacturing & Automotive   •  

8 - 10 years

Posted 8 weeks ago

Role Summary:

This role provides policy, regulatory & legal/compliance leadership and support on US and Canada privacy matters for all GE Healthcare business units, as well as partners with other members of the GE Healthcare Global Privacy Office to help drive the overall global privacy program.

Essential Responsibilities:

• Provides expert advice on healthcare, customer and employee privacy laws and regulations, with a particular emphasis on the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and related implementing rules and regulations.

• Serves as GE Healthcare's HIPAA Privacy Officer.

• Provides support to GE Healthcare's Chief Privacy Counsel to assess, develop, implement and monitor processes to assist all GE Healthcare businesses to comply with US and Canadian privacy laws and regulations.

• Assists other members of the GE Healthcare Global Privacy Office to drive the overall global privacy program, with an emphasis on proving support with Asia Pacific, China, Southeast Asia and Latin America privacy issues.

• Collaborates with development teams to ensure that new introductions or versions of products and services comply with applicable data privacy and security requirements (legal, contractual or otherwise), and assists in the negotiation of data privacy and security provisions in related contracts/agreements.

• Collaborates with network of cross-functional representatives within GE Healthcare to drive compliance with applicable privacy laws and regulations, contractual obligations, internal policies and procedures, and breach investigation, mitigation and notification responsibilities.

• Conducts periodic and as-needed business audits and risk assessments to assess data privacy and security compliance.

• Works in partnership with our Digital Technology teams to ensure compliance with all applicable data security administrative, physical and technical safeguards.

• Provides privacy compliance training and periodic best practices tips/reminders to assigned businesses.

• Works cross-functionally to resolve individual privacy compliance issues/questions and investigations, assessing causes, developing corrective actions, and ensuring consistent application of corrective actions.

• Works as an integral part of the GE Healthcare Privacy team in evaluating other regulatory initiatives, planning and developing key strategies, and implementing actions vis-à-vis privacy institutions and regulatory agencies in a wider range of areas.


• JD (or equivalent) with active bar membership.

• 7+ years experience at a large law firm, corporate legal department or in equivalent compliance function, with significant experience in healthcare privacy matters.

• Deep knowledge of US privacy laws (especially HIPAA/HITECH), regulations and best practices, with particular experience in the healthcare industry.

• Working knowledge of key aspects of privacy laws in other countries, especially the European Union.

• Proven track record of project and process development, implementation and project management, with minimal supervision required.

• Proven ability to function as a member of a global team in a complex, matrix environment.

• Demonstrated experience identifying and resolving legal and regulatory issues quickly and effectively, with an ability to make real-time decisions.

• Demonstrated experience prioritizing conflicting demands from multiple business clients in an extremely fast-paced environment.

• Ability to communicate using English (and other local language) and outstanding interpersonal skills.

Desired Characteristics:

• Ability to cope with pressure and multiple deadlines contemporaneously.

• Detail-oriented.

• Excellent influencing skills combined with an ability to build strong working relationships within a matrix environment.

• Advanced communication skills - both written and verbal.

• Demonstrated ability to think and lead on a strategic level within a complex organization.

• Ability to deal effectively with people and work in diverse teams, sometimes virtually located.

• Level-headed approach to risk and managing such risk against business objectives.

• High level of energy and the ability to pass it on to other team members.