Data Protection Legal Counsel

Human Health Project (HHP) is a holistic health literacy charity. Our mission is to improve the health of the underserved and vulnerable through holistic information, education and advocacy. Our objective is to empower people to manage their own health with improved outcomes and no medical errors. For more information, please visit our website including viewing our "Shared Patient Information" program page which includes 50 pages of reports on both our Migraine and Lupus and feedback received from people who reviewed the reports in the section, "What Our Members are Saying" - https://tinyurl.com/4c5y3mfa and our "Healthcare Access Program" which includes short video courses in our Learning Academy - https://tinyurl.com/4xwdz5wh , Patient Advocacy Workshops in Los Angeles, - https://tinyurl.com/mryave5x and in Northern Ireland - https://tinyurl.com/nhj6kp7p and our Online Peer to Peer Events - https://tinyurl.com/5ddmxuyn "

Data Protection Legal Counsel

• Provide legal advice to HHP on the full range data protection issues as well as select information security/cybersecurity issues.
• Work with technology and other stakeholders to build-out the existing privacy program.
• Prepare and assist in the preparation of privacy impact assessments.
• Review data leakage incidents and make determination as to whether any notifications are required. Draft and review and submit such notifications.
• Prepare and submit data protection notifications/registration with applicable data protection authorities.
• Advise colleagues in the Employment Law Group on matters pertaining to employee privacy (including subject access requests, monitoring programs, notice and consent requirements).
• Review and as needed uplift existing policies and procedures regarding data protections.
• Draft and review new policies, procedure, best practice documents, as needed.
• Help bring awareness and support for HHP's programs.
• Review and negotiate data protection and information security terms in vendor agreements, confidentiality agreements, etc.
• Prepare data protection-related training materials for use online.
• Liaise with colleagues in the US and EU to promote consistent data protection/privacy practices globally.
• Monitor and respond to developments in privacy and information security (i.e., new laws, regulations, important case decisions, regulatory guidance, etc.).
• Advise on privacy issues arising from the full range of marketing efforts and web-related advertising activities.

SKILLS/EXPERIENCE

• Law degree and qualification to practice law (can be US/EU).
• Minimum 5 years solid experience with data protection laws.
• Background or demonstrated interest in technology a plus.
• Experience drafting policies, procedures, notices and consents.
• CIPP (Certified Information Privacy Professional) accreditation a plus.
• Good leadership skills, demonstrated project management experience.
• Must be comfortable taking the initiative and working with minimal supervision.
• Effective communicator.
• Experience preparing and conducting data protection training.