Manager, Global Privacy Operations

THIS IS A REMOTE POSITION

PURPOSE AND SCOPE:

The Manager Global Privacy Operations provides input into the design implementation and oversight of the organizations global privacy program. This role is accountable for managing privacy risk assessments privacy impact assessments and processing activity records across all regions providing guidance to business owners to embed privacybydesign principles and enabling business operations. The Manager also assists with privacy investigations delivers privacy training supports the development and maintenance of privacy policies and contributes to crossfunctional privacy projects to ensure consistent operational execution of privacy requirements worldwide.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Program Leadership & Governance: Support the HIPAA and global privacy program strategy and roadmap. Draft implement and maintain privacy policies standards SOPs and controls.
• HIPAA Compliance: Drive adherence to HIPAA Privacy Security and Breach Notification Rules including safeguards and patient rights.
• Global Privacy Compliance: Operationalize and drive compliance with global privacy laws (i.e. GDPR LGPD PIPL) applicable to FMEs healthcare business and corporate operations.
• A key responsibility is leading the coordination and completion of global privacy reviews with business owners and other stakeholders identifying risks and providing guidance aligned with privacy by design principles. These include managing:
• Data Protection Impact Assessment. Coordinate with business owners and other stakeholders across functions to complete assessments identify risks and consult with legal colleagues HIPAA Privacy Officer and EU Data Protection Officer (DPO) when necessary.
• Privacy Impact Assessments for other geographic regions (including US Canada LATAM APAC EMEA). Support local and regional appointed privacy contacts and business owners by managing global privacy assessments and documentation.
• Other privacy assessments: Support the creation completion and periodic reviews of other privacy assessments including Transfer Impact Assessments Legitimate interest Assessments etc. when required.
• Privacy Risk Management: Manage the evaluation and treatment of privacy risks identified in privacy reviews with the risk owner.
• Incident Response: Support privacy incidents investigations perform breach assessments and coordinate notifications.
• Training & Awareness: Support the design updating and delivery of HIPAA and global privacy training programs.
• Audit Readiness: Coordinate internal/external audits and maintain evidence repositories.
• Regulatory Intelligence: Track changes in U.S. and global privacy laws and recommend program enhancements.
• Normally receives little instruction on day-to-day work general instructions on new assignments.
• Provides assistance to junior level staff with more complex tasks that require a higher level of understanding of functions.
• Mentors other staff as applicable.
• Performs other related duties as assigned.

PHYSICAL DEMANDS AND WORKING CONDITIONS:

• The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
• Little to no travel is expected for this position.

SUPERVISION:

• None

EDUCATION AND REQUIRED CREDENTIALS:

• Bachelors Degree; Advanced Degree desirable or an equivalent combination of education and experience
• HCCA or IAPP certification preferable but not required.

EXPERIENCE AND SKILLS:

• 5-8 years related experience or an equivalent combination of education and experience
• Strong organization facilitation and presentation problem solving and analytical skills
• Able to communicate clearly make oral presentations and prepare concise reports.
• Self- motivated and initiative.
• Experience in using and preferably administration and configuration of privacy SaaS platforms (e.g. OneTrust) to manage records of Processing Activities Privacy Assessments Data Subject Rights requests and Privacy Notice templates. (Experience using modules to manage privacy incidents cookie consent management and AI governance are a plus)
• Established experience providing SME leadership in matrix organizations with cross-functional initiatives.
• Ability to interpret global regulatory requirements and translate them into actionable controls.
• Experience with assessing risk for AI/GenAI use cases
• Certifications such as CIPP/E CIPP/US CIPT CIPM CDPSE CISSP CDPO or equivalent are a plus.

The rate of pay for this position will depend on the successful candidates work location and qualifications including relevant education work experience skills and competencies.

Annual Rate: $122000.00 - $205000.00

Bonus Eligible Positions include language below.
Benefit Overview: This position offers a comprehensive benefits package including medical dental and vision insurance a 401(k) with company match paid time off parental leave and potential for performance-based bonuses depending on company and individual performance.

Fresenius Medical Care maintains a drug-free workplace in accordance with

EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity