As a core part of the Corporate Compliance Department, MSKs Privacy team is committed to safeguarding the privacy of our patients information and to promoting the highest standards of ethics and integrity in all we do. We work closely with our colleagues across departments to help MSK achieve its overall mission of conquering cancer.
We seek an experienced Privacy attorney to join our team in advising our internal clients on privacy law and policy, supporting institutional strategic initiatives, day to day business operations, and research matters.
Advise business teams across MSK on key legal questions related to privacy by developing a strong understanding of the business areas, performing thorough legal research as needed, and communicating timely and effective advice.
Apply your knowledge of HIPAA, state privacy laws related to health information, GDPR, and other domestic and global privacy frameworks to proactively identify and address issues that may impact compliance with the law and MSK policy.
Lead drafting and negotiation of HIPAA Business Associate Agreements with MSKs IT and supply chain vendors.
Advise other members of the MSK legal team on data privacy-related aspects of MSK transactions.
Serve as a key resource to administrative, clinical and research staff on privacy-related policies and regulations.
Provide subject-matter expertise and guidance to other members of the Compliance team in their management of privacy-related inquiries from MSK patients and staff.
Collaborate with departments across MSK, including colleagues from the Information Security, Clinical Research Administration, IRB, Regulatory, IT, and Hospital Operations teams to develop and enhance policies governing MSKs use of personal data (PHI, PII), including requirements for de-identification.
Stay abreast of new domestic and global privacy and data protection requirements and assess their impact on existing operations.
A Juris Doctorate (JD) and a minimum of 5 years of related experience at a law firm or as part of an in-house legal or compliance team advising clients on privacy law.
Demonstrated knowledge of HIPAA and state privacy laws related to health information.
Experience with GDPR and other domestic and global privacy frameworks.
Familiarity with regulatory requirements for human subjects research.
Experience advising clients on digital consumer privacy (including, e.g., TCPA, CAN-SPAM, etc.), a plus.
An established track record of translating regulatory requirements into practical and impactful elements while supporting business strategy.
Ability to skillfully maneuver through complex policy, process, and people-related organizational dynamics.
New York State Bar Admission, or the ability to be licensed within a year.
At Memorial Sloan Kettering (MSK), we’re not only changing the way we treat cancer, but also the way the world thinks about it. By working together and pushing forward with innovation and discovery, we’re driving excellence and improving outcomes. For the 28th year, MSK has been named a top hospital for cancer by U.S. News & World Report. We are proud to be on Becker’s Healthcare list as one of the 150 Great Places to Work in Healthcare in 2018, as well as one of Glassdoor’s Employees’ Choice Best Place to Work for 2018. We’re treating cancer, one patient at a time. Join us and make a difference every day.