Privacy Officer, Apac

The Regional Privacy Officer is responsible for leading the organization’s regional Privacy Program including but not limited to daily operations of the program, development, implementation, and maintenance of policies and procedures, monitoring program compliance, investigation and tracking of incidents and breaches and insuring patients’ rights in compliance with local laws. The RPO will also work in close alignment with the other RPOs and be responsible for supporting and providing privacy direction and guidance to the global privacy team.

**Responsibilities**:

- Builds and maintains a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI) and other types of personal data namely those of employees and third parties in paper and/or electronic, across all media types
- Ensures privacy forms, policies, standards, and procedures are up-to-date and fully aligned with global standards.
- Work with organization senior management, IT security and the Chief Compliance Officer to establish governance for the privacy program.
- Collaborate with the information security team to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department.
- Establish an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.
- Conduct related ongoing compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
- Take a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.
- Participate in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
- Work cooperatively with the Health Information Management (HMI) Director or equivalent role in the medical affairs organization and other applicable organization units in overseeing patient rights to inspect, amend, and restrict access to protected health information when appropriate.
- Manage all required breach determination and notification processes under HIPAA and applicable State breach rules and requirements.
- Establish and administer a process for investigating and acting on privacy and security complaints.
- Initiate, facilitate and promote activities to foster information privacy awareness within the organization and related entities.
- Work with organization administration, legal counsel, and other related parties, to represent the organization’s information privacy interests with external parties who undertake to adopt or amend privacy legislation, regulation, or standard.
- Serve as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.

**Qualifications**:

- Demonstrated organization, facilitation, written and oral communication, and presentation skills.
- Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals.
- Demonstrated skills in verbal communications and listening.
- Demonstrated skills in providing excellent service to customers.
- Excellent writing skills.
- A high level of integrity and trust.
- Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy.
- Health care legal and operational management skills.
- Global travel is expected.
- Regular participation in global team meetings, primarily virtual formats and occasional physical presence.

LI-AC1