Head of Privacy at Color Genomics
Burlingame, CA, US
Color is a modern health service that applies expertise in robotics, genomics, software and design to a crucial healthcare challenge: preventing or detecting conditions where early knowledge can improve health outcomes and reduce treatment costs. Color’s affordable, clinical-grade genetic tests help people understand their risk for hereditary cancer and heart conditions - knowledge that they and their doctors can use to create personalized health plans.
The privacy of our clients is central to our mission. Color is seeking a Head of Privacy to help implement and refine our policies to maintain the privacy & integrity of sensitive data at Color, and to communicate the measures we're taking to protect and safeguard client data. This is a great opportunity to join a disruptor in the healthcare industry and to work on novel issues in an exciting, fast-paced environment.

  • Serve as the point of contact for all privacy matters for the company.
  • Build and oversee our privacy program, and make sure employees are trained and aware of their responsibilities.
  • Maintain compliance with client privacy and data protection standards, including HIPAA/HITECH, GDPR, and related state and international regulations, as those requirements and our business evolve.
  • Investigate and implement requirements to comply with future required regulations, for example FedRAMP, HITRUST, FISMA.
  • Perform periodic audits/monitoring of our compliance.
  • Ensure we bring customers, vendors, and partners onboard in a compliant manner (for example, making sure BAAs and DPAs get executed).
  • Work with potential business partners & customers to communicate our privacy measures, for example by coordinating privacy & security reviews for deals.
Ideal traits:

  • High level of trustworthiness, integrity, communication skills.
  • Develop and provide strategic and practical orientations with respect to privacy laws in connection with genetic information, digital business, consumer targeting, and acquisition and engagement.
  • Understanding of the spirit/intention behind the regulations. Also has opinions on how to go beyond the requirements in order to do right by our clients.
  • Foster a data protection culture within Color and help to implement key elements of the different regulations with an innovative approach.
  • Develop internal awareness, recruit and lead a network of internal privacy champions.
  • JD degree from an accredited law school and/or at least 5+ years of relevant data privacy experience.
  • Deep knowledge and expertise of US privacy laws. GDPR understanding is a plus.
  • Interested in user experience (UX).
  • Team oriented with excellent legal and business-oriented approach.
  • Experience with healthcare companies, tech companies, or patient health information is a big plus.