Assistant General Counsel - Privacy & Cybersecurity
DaVita

No Brag, Just Fact!

Over the last decade, we set out to be the world's greatest dialysis company, and over the next decade, we are poised to build the greatest healthcare community the world has ever seen. When you join the DaVita Village, you're joining a winning team. Through our commitment to training, growth and quality, we consistently achieve superior clinical outcomes while giving teammates the opportunity to excel in an award-winning environment that enables them to thrive both professionally and personally.

The DaVita in-house legal team is known as the "Justice League." The Justice League comprises over 280 attorneys, paralegals, and legal professionals. The Justice League counsels all businesses of DaVita and provides legal support for all transactions. DaVita's attorneys are viewed as strategic business partners and work closely with each other and senior management on a daily basis.

The Justice League values diversity and belonging, support and respect for each other, analytical rigor, commitment to professional development, and a passion for excellence.

OPPORTUNITY

The Assistant General Counsel is responsible for supporting the Privacy & Cybersecurity legal advisory function in the DaVita Privacy Office.

KEY ACCOUNTABILITIES AND RESPONSIBILITIES

• Responsible for supporting the Privacy & Cybersecurity legal advisory function in the DaVita Privacy Office, including advising DaVita's businesses and support functions such as Information Security and People Services.
• Lead a team of privacy specialists, analysts, managers, attorneys and support staff
• Provide legal advice on data privacy and security laws and regulations with emphasis on the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), U.S. state privacy laws, EU GDPR, PDPA, and all other relevant laws, regulations
• Provide advice on privacy and information security frameworks and best practices
• Provide direction in developing and monitoring policies and processes to assist business units in complying with privacy laws and regulations
• Manage and oversee outside counsel engagement and support
• Analyze complex privacy regulatory issues and present recommendations in oral and written form to senior executive leadership and business operational leadership

• Perform privacy regulatory review on all aspects of the business with focus on IT clinical systems development

• Collaborate with IT teams to ensure that internal development of technologies and services comply with applicable data security and privacy requirements
• Support IT compliance with administrative, technical and physical safeguards requirements
• Assist with negotiations of data privacy and security provisions in internal and 3rd party contracts/agreements
• Partner with various business teams to ensure that introductions of internal or 3rd party technology or services comply with applicable data privacy requirements, including review of related contractual agreements
• Contribute and review privacy education content and provide periodic best practices updates to business leadership
• Supervise and coordinate data breach responses, regulatory investigations, and other legal/external inquiries regarding privacy
• Coordinate with other legal teams on regulatory, risk, compliance, and operational issues

QUALIFICATIONS AND REQUIREMENTS

Experience & Education:

• J.D. Degree with minimum 8 years legal experience in HIPAA and state privacy compliance
• Relevant experience in both a law firm and in-house setting preferred
• Knowledge of, and inquisitive interest in healthcare preferred, however healthcare industry experience is not required
• State Bar Admission and good standing
• Understanding and experience with relevant health care privacy and security issues (e.g., audits, investigations, breach mitigation, incident response, etc.)
• Understanding and experience with IT systems and clinical IT development
• Ability to interpret new and existing privacy and security legal requirements and to develop and operationalize process to support regulatory compliance
• At least one privacy certification (CIPP/US, CIPT or CHPC) - attained and maintained
• At least one security certification (CISSP, HCISPP, Security+, CCSP) - attained and maintained preferred

Professional Qualifications:

• Demonstrated ability to function as a strong leader of a highly-motivated team.
• Superior written, verbal, and interpersonal communication skills with an acute ability to listen attentively and to communicate effectively throughout all levels of the organization.
• Professional demeanor and ability to interact at senior executive level with persuasiveness and confidence.
• Demonstrated relationship-building skills and ability to be "other-oriented"; ability to appreciate people with different backgrounds and points of view and create an environment where everyone belongs.
• Personal integrity, judgment and the ability to make decisions quickly.
• Adaptable, comfortable with uncertainty and ambiguity; accustomed to charting own/new course.
• Hands on, efficient and proven ability to "Get [a lot of] Stuff Done" with a bias for action and strong sense of ownership.
• A commitment to personal and professional growth.
• Candid and personally secure. Ability and willingness to seek and receive feedback constructively as development opportunities.
• Ability to work independently, shift focus, adapt to changing priorities, maintain patience in high pressure situations and take initiative where appropriate.
• Possesses strong work ethic and humor; able to work well under pressure in a fast moving, dynamic company.

Here is what you can expect when you join our Village:

• A "community first, company second" culture based on Core Values that really matter.
• Clinical outcomes consistently ranked above the national average.
• Award-winning education and training across multiple career paths to help you reach your potential.
• Performance-based rewards based on stellar individual and team contributions.
• A comprehensive benefits package designed to enhance your health, your financial well-being and your future.
• Dedication, above all, to caring for patients suffering from chronic kidney failure across the nation.

What We'll Provide:

More than just pay, our DaVita Rewards package connects teammates to what matters most. Teammates are eligible to begin receiving benefits on the first day of the month following or coinciding with one month of continuous employment. Below are some of our benefit offerings.

• Comprehensive benefits: Medical, dental, vision, 401(k) match, paid time off, PTO cash out
• Support for you and your family: Family resources, EAP counseling sessions, access Headspace®, backup child and elder care, maternity/paternity leave and more

• Professional development programs: DaVita offers a variety of programs to help strong performers grow within their career and also offers on-demand virtual leadership and development courses through DaVita's online training platform StarLearning.

As a legal department, we are committed to cultivating a diverse, inclusive, and equitable workplace in which all Teammates feel that they are treated with respect, are valued for the skills and qualities they contribute and belong. We also believe that diversity extends beyond traditional protected classes to the fullness of lived experiences and backgrounds. Our investment in Diversity & Belonging means that we are better able to harness the wide range of talents and perspectives among our teammates to develop collaborative, creative, and effective solutions to an array of business challenges; but most importantly, because it is simply the right thing to do.

At DaVita, we strive to be a community first and a company second. We want all teammates to experience DaVita as "a place where I belong." Our goal is to embed Diversity & Belonging into everything we do in our Village, so that it becomes part of who we are. We are proud to be an equal opportunity workplace and an affirmative action employer. As such, individuals are recruited, hired, assigned and promoted without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, protected veteran status, or any other protected characteristic.