Confirm your organization works with the privacy steward, legal counsel and management to ensure your organization has and maintains appropriate security, privacy, and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.

More Uses of the Privacy Risk Toolkit:

  • Methodize: work cross functionally on technology implementation projects to provide IT controls expertise and test controls to meet information security and privacy requirements.
  • Ensure you strategically support leading edge initiatives designed to improve patient care and work with business leaders to support internal functions with privacy and security concerns, ensuring security and privacy by design.
  • Manage work with all organization personnel involved with any aspect of release of protected information, to ensure full coordination and cooperation under your organization's policies and procedures and legal requirements.
  • Audit: implement and maintain an internal reporting mechanism for intended (new or changed) personal data processing activities, to which business unit/process owners must adhere.
  • Confirm your organization ensures compliance with organization policies, procedures, and regulatory requirements, and the accuracy and reliability of organization data, and confirms the adequacy of implemented security controls and helps identify necessary improvements.
  • Confirm your organization takes a lead role, to ensure your organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.
  • Confirm your organization completes assigned tasks designed to ensure the security of your organization's systems and information assets and protects against unauthorized access, modification, or destruction.
  • Ensure your organization utilizes security and vulnerability assessment tools internally and externally to identify network security weaknesses in order to recommend network or operating system enhancements.
  • Organize: review all system related information security plans through the Center's network to ensure alignment between security and privacy practices, and act as a liaison to the information technology department.
  • Lead: review and assess privacy related risk with business partners to identify and address privacy related compliance gaps or areas of Privacy Risk in support of business requirements.
  • Support the development and implementation of effective data privacy practices, aimed at minimizing privacy legal risk and ensuring the confidentiality and integrity of personal data.
  • Serve as a privacy liaison to cross departmental stakeholders in connection with business activities establishing solutions that integrate privacy requirements with business priorities.
  • Identify: continuously review, evolve and, when necessary, execute your organization's IT disaster recovery plan and business continuity plan as it pertains to technology and technology assets to maximize uptime.
  • Devise and update policies and procedures for customers, employees and data breach incident responses, ensuring alignment with the actual implementation of personal data processing activities.
  • Lead the development and implementation of the enterprise's risk strategy for effective risk and compliance program governance, intended to strategically and proactively mitigate risk, and promptly detect and correct instances of noncompliance.
  • Analyze and review metrics of ethics, compliance and Privacy Risks to look for unusual patterns, ensure adherence to external regulatory obligations and internal standards compliance.
  • Coordinate the working relationships with IS and other related departments to ensure that privacy is integrated in all System Development Lifecycle Management processes and in any Project Management Methodology developed by business to implement projects and roll out systems and tools.
  • Manage work with all functions, divisions, and departments globally to coordinate the privacy support and advice to ensure that privacy by design is met in all projects and initiatives globally.
  • Evaluate: review all system related information security plans throughout your organization's network to ensure alignment between security and privacy practices, and act as a liaison to the information systems department.
  • Provide day to day advice on common data protection to a wide range of stakeholders relating to security measures and advice on best practice for data protection risk mitigation measures.
  • Serve as a liaison between internal and external parties during contract development and negotiation stages and execute outcomes from contract negotiations into contractual language.
  • Ensure your organization implements and enforces regulatory compliance to prevent costly breaches (internal and external) which impact resource and commercial activities (fines, reports, file notes, corrective action, reputational damage).
  • Manage work with all the Center's personnel involved with any aspect of release of protected health information, to ensure full coordination and cooperation under the Center's policies and procedures and legal requirements.
  • Support and drive awareness of current ethics, regulatory compliance and privacy best practices, industry standards, references and data models to understand and evaluate potential areas of risk to the enterprise.
  • Ensure thrive has and maintains the appropriate privacy and confidentiality consents, authorizations, notices, and written requirements for legal requirements and best practice.

 
