Director, Privacy Counsel
Foundation Medicine, Boston, MA, United States
Overview
About the Job: The Director, Privacy Counsel plays a critical leadership role within FMI’s privacy program and serves as a trusted advisor across FMI’s operations. This role is responsible for independently interpreting and advising on U.S. and ex-U.S. data protection laws, including HIPAA (as a Covered Entity), GDPR, U.S. state consumer and genetic privacy laws, and related regulatory frameworks. As a designated Privacy Officer reporting to the Chief Privacy Officer, this role exercises significant judgment and autonomy in guiding business, clinical, research, and commercial stakeholders, and in shaping and operationalizing FMI’s enterprise privacy strategy. The Director, Privacy Counsel partners closely with legal, compliance, product, commercial, medical, information security, marketing, and business teams to enable responsible data use while protecting patient, customer, and research participant trust. The Director, Privacy Counsel plays a critical leadership role within FMI’s privacy program and serves as a trusted advisor across FMI’s operations. This role is responsible for independently interpreting and advising on U.S. and ex-U.S. data protection laws, including HIPAA (as a Covered Entity), GDPR, U.S. state consumer and genetic privacy laws, and related regulatory frameworks. As a designated Privacy Officer reporting to the Chief Privacy Officer, this role exercises significant judgment and autonomy in guiding business, clinical, research, and commercial stakeholders, and in shaping and operationalizing FMI’s enterprise privacy strategy. The Director, Privacy Counsel partners closely with legal, compliance, product, commercial, medical, information security, marketing, and business teams to enable responsible data use while protecting patient, customer, and research participant trust. Key Responsibilities
Serve as a senior privacy subject matter expert for FMI, providing legal guidance on privacy matters with minimal reliance on outside counsel. Serve as a Privacy Officer for FMI reporting to the Chief Privacy Officer. Maintain deep, current knowledge of applicable U.S. and ex-U.S. privacy laws, particularly in healthcare, genetic privacy, research, and biopharma collaboration contexts. Advise FMI on matters related to informed consent, HIPAA authorization, research protocols, and secondary data use. Advise FMI on de-identification, pseudonymization, and anonymization standards and evolving regulatory expectations. Support investigation, analysis, remediation, and notification activities related to privacy and security incidents. Support legal colleagues in drafting, reviewing, and negotiating data use and data protection terms in commercial agreements, vendor agreements, data sharing agreements (e.g., BAAs, DPAs, DUAs), research agreements, clinical trial agreements, and other collaboration agreements. Collaborate closely with the privacy team and broader legal and compliance department to advance and continually improve FMI’s privacy program, including assisting with the development of policies, procedures, training, and awareness activities. Participate in certain internal FMI committees as a standing team member. Prepare materials and make presentations, as necessary or requested. Independently triage workflow, set clear priorities and expectations with stakeholders, and efficiently deliver results. Manage and coordinate with outside privacy counsel, as needed on a case-by-case basis. Other duties as assigned. Qualifications
Basic Qualifications: Juris Doctor (JD) degree from an accredited law school and active U.S. bar membership in good standing 8+ years of progressive experience working in data privacy law, including substantial experience advising healthcare or life sciences organizations Preferred Qualifications: Prior in-house privacy experience at a healthcare company or institution (e.g., diagnostics, medical device, pharma/biotech, hospital system, healthcare provider) Prior experience at a top-tier law firm. Experience advising business and legal colleagues on data privacy laws, regulatory guidance, and industry guidelines, including but not limited to HIPAA, GDPR, the Federal Trade Commission (FTC) Act, CCPA and other state privacy laws, and genetic information privacy and security laws Experience working in privacy program at a HIPAA Covered Entity or advising HIPAA Covered Entity clients on privacy matters Experience working in a privacy program of a Controller that complied with GDPR or advising clients on GDPR compliance matters CIPP/US or CIPP/E certification Prior people management or demonstrated readiness to lead and mentor others Ability to apply a risk-based analysis to privacy issues and demonstrate creativity and flexibility in developing solutions that satisfy both business requirements and legal obligations Demonstrated ability to prioritize numerous requests for assistance and offer superior advice in a timely, thoughtful, and complete manner Ability to establish and maintain strong relationships within FMI’s business and legal teams; engage professionally with colleagues at all levels, including external partners, and influence outcomes through effective leadership skills; and work in a dynamic, evolving, and fast-paced work environment, with the confidence and abilities to work independently Strong analytical skills and attention to detail Excellent collaboration and influencing skills Superior judgment and rigor in relation to problem-solving and appropriate escalation of issues Excellent written and oral communication and presentation skills High level of integrity and trust Commitment to FMI values: integrity, courage, and passion The expected salary range for this position based on the primary location of Boston, MA is $210,000 - $263,000 per year. The salary range is commensurate with Foundation Medicine’s compensation practice and considers factors including, but not limited to, education, training, experience, external market conditions, criticality of role, and internal equity. A discretionary annual bonus may be available based on individual and Company performance. This position also qualifies for Foundation Medicine's benefits.
#J-18808-Ljbffr
About the Job: The Director, Privacy Counsel plays a critical leadership role within FMI’s privacy program and serves as a trusted advisor across FMI’s operations. This role is responsible for independently interpreting and advising on U.S. and ex-U.S. data protection laws, including HIPAA (as a Covered Entity), GDPR, U.S. state consumer and genetic privacy laws, and related regulatory frameworks. As a designated Privacy Officer reporting to the Chief Privacy Officer, this role exercises significant judgment and autonomy in guiding business, clinical, research, and commercial stakeholders, and in shaping and operationalizing FMI’s enterprise privacy strategy. The Director, Privacy Counsel partners closely with legal, compliance, product, commercial, medical, information security, marketing, and business teams to enable responsible data use while protecting patient, customer, and research participant trust. The Director, Privacy Counsel plays a critical leadership role within FMI’s privacy program and serves as a trusted advisor across FMI’s operations. This role is responsible for independently interpreting and advising on U.S. and ex-U.S. data protection laws, including HIPAA (as a Covered Entity), GDPR, U.S. state consumer and genetic privacy laws, and related regulatory frameworks. As a designated Privacy Officer reporting to the Chief Privacy Officer, this role exercises significant judgment and autonomy in guiding business, clinical, research, and commercial stakeholders, and in shaping and operationalizing FMI’s enterprise privacy strategy. The Director, Privacy Counsel partners closely with legal, compliance, product, commercial, medical, information security, marketing, and business teams to enable responsible data use while protecting patient, customer, and research participant trust. Key Responsibilities
Serve as a senior privacy subject matter expert for FMI, providing legal guidance on privacy matters with minimal reliance on outside counsel. Serve as a Privacy Officer for FMI reporting to the Chief Privacy Officer. Maintain deep, current knowledge of applicable U.S. and ex-U.S. privacy laws, particularly in healthcare, genetic privacy, research, and biopharma collaboration contexts. Advise FMI on matters related to informed consent, HIPAA authorization, research protocols, and secondary data use. Advise FMI on de-identification, pseudonymization, and anonymization standards and evolving regulatory expectations. Support investigation, analysis, remediation, and notification activities related to privacy and security incidents. Support legal colleagues in drafting, reviewing, and negotiating data use and data protection terms in commercial agreements, vendor agreements, data sharing agreements (e.g., BAAs, DPAs, DUAs), research agreements, clinical trial agreements, and other collaboration agreements. Collaborate closely with the privacy team and broader legal and compliance department to advance and continually improve FMI’s privacy program, including assisting with the development of policies, procedures, training, and awareness activities. Participate in certain internal FMI committees as a standing team member. Prepare materials and make presentations, as necessary or requested. Independently triage workflow, set clear priorities and expectations with stakeholders, and efficiently deliver results. Manage and coordinate with outside privacy counsel, as needed on a case-by-case basis. Other duties as assigned. Qualifications
Basic Qualifications: Juris Doctor (JD) degree from an accredited law school and active U.S. bar membership in good standing 8+ years of progressive experience working in data privacy law, including substantial experience advising healthcare or life sciences organizations Preferred Qualifications: Prior in-house privacy experience at a healthcare company or institution (e.g., diagnostics, medical device, pharma/biotech, hospital system, healthcare provider) Prior experience at a top-tier law firm. Experience advising business and legal colleagues on data privacy laws, regulatory guidance, and industry guidelines, including but not limited to HIPAA, GDPR, the Federal Trade Commission (FTC) Act, CCPA and other state privacy laws, and genetic information privacy and security laws Experience working in privacy program at a HIPAA Covered Entity or advising HIPAA Covered Entity clients on privacy matters Experience working in a privacy program of a Controller that complied with GDPR or advising clients on GDPR compliance matters CIPP/US or CIPP/E certification Prior people management or demonstrated readiness to lead and mentor others Ability to apply a risk-based analysis to privacy issues and demonstrate creativity and flexibility in developing solutions that satisfy both business requirements and legal obligations Demonstrated ability to prioritize numerous requests for assistance and offer superior advice in a timely, thoughtful, and complete manner Ability to establish and maintain strong relationships within FMI’s business and legal teams; engage professionally with colleagues at all levels, including external partners, and influence outcomes through effective leadership skills; and work in a dynamic, evolving, and fast-paced work environment, with the confidence and abilities to work independently Strong analytical skills and attention to detail Excellent collaboration and influencing skills Superior judgment and rigor in relation to problem-solving and appropriate escalation of issues Excellent written and oral communication and presentation skills High level of integrity and trust Commitment to FMI values: integrity, courage, and passion The expected salary range for this position based on the primary location of Boston, MA is $210,000 - $263,000 per year. The salary range is commensurate with Foundation Medicine’s compensation practice and considers factors including, but not limited to, education, training, experience, external market conditions, criticality of role, and internal equity. A discretionary annual bonus may be available based on individual and Company performance. This position also qualifies for Foundation Medicine's benefits.
#J-18808-Ljbffr