ACC is committed to compliance with all applicable equal employment laws. ACC In-house Jobline listings may not explicitly or implicitly discriminate on the basis of any prohibited factor.
Listings on the ACC In-house Jobline are for in-house attorney positions only. While we do not accept non-attorney corporate job listings, if you are hiring a corporate legal operations professional, contact LawDepartmentOps@ACC.com. By posting a job on the ACC In-house Jobline or using the service as a job seeker, you are agreeing to comply with our Terms and Conditions, including those relating to discrimination. The system administrator may delete postings, which do not comply. Employer postings removed by ACC are not subject to refund.
We are very interested in your thoughts as we continue to develop the ACC In-House Jobline to better serve your needs. If you have questions about ACC In-house Jobline, please call our helpdesk at: 1-888-491-8833 Ext. 1125 (Extension Required).
The US Privacy Counsel (“Privacy Counsel”) provides leadership and direct support for US legal data protection and privacy matters for Medtronic . This seasoned professional provides data protection and privacy legal expertise, guidance, and direct support for operational execution and compliance with US based legal, regulatory and business data protection and privacy requirements, such as HIPAA and state specific requirements. The Privacy Counsel is a key resource and strategic partner for multiple data protection and privacy stakeholders and functions such as the Global Data Protection and Privacy Program (“Global Program”); partner functions such as the Global Security Office and IT Architecture; and business group and regional executive leaders and personnel.
The Privacy Counsel reports to the Vice President, Chief Counsel, Governance, Privacy and Mergers and Acquisitions. To be successful, individuals in this position require broad legal experience coupled with deep US data protection and privacy expertise and demonstrated abilities to (1) form productive relationships across and within all levels of the organization; (2) navigate highly matrixed business operations and accountabilities; (3) influence without direct authority; (4) identify and address complex legal issues and risks relating to business operations and legal/regulatory requirements and provide recommendations and solutions to achieve business objectives; and (5) experience advising businesses on regulatory requirements for data protection and privacy.
The preferred location for this position is Minneapolis, MN.
The Privacy Counsel provides a broad range of legal advice, guidance and direct support for data protection and privacy compliance, analyzes complex legal issues, and identifies appropriate business and operational legal advice, solutions and strategies to limit/mitigate/remediate legal and business risks. Key responsibilities include:
Lead by example to model a culture of ethics and integrity; exercise sound judgment and courage as a trusted advisor to the business and to the team;
As a key resource for regional, business, function and other key stakeholders, provide in depth legal, regulatory, policy, and risk mitigation guidance, business solutions and advice relating to data protection and privacy legal and regulatory requirements;
Interpreting new legal and regulatory requirements relating to US data protection and privacy impacting Medtronic businesses. In collaboration with the Global Program team, provide guidance to regional and business leads for implementation of identified requirements. Provide legal advice on testing and response for high risk implementation activities as appropriate;
Advise on risk-based data protection and privacy operational compliance monitoring activities in collaboration and coordination with the organization's Global Program team;
Provide legal advice, guidance and support on the investigation and remediation of privacy breaches and other incidents; advise on notification and regulatory reporting requirements, as well as relevant communications; provide legal and risk mitigation advice including remediation and root cause determinations;
As requested, provide legal advice, guidance and support on the outcomes of a broad range of privacy impact assessment (PIA) activities and/or business consulting for new product development, material changes to existing products, third party vendor privacy assessments and business consultation requests as required by the PIA standards and procedures;
In collaboration with the Global Program, develop HIPAA model data protection and privacy documents, for example: notices of privacy practices, confidentiality notices, consents, authorization forms, contract language, business associate agreements and other related required documents;
Provide legal advice, guidance and support for development, implementation, validation and monitoring of HIPAA and other US regulatory data protection and privacy requirements;
Advise on legal requirements and identified issue resolution for response to individual rights requests such as access, restrictions on disclosure, accounting of disclosures, etc. as required by HIPAA;
Advise on the requirements and restrictions for transfer of personal data by Medtronic in the context of data processing and information transfers;
Draft, review, revise and negotiate and finalize agreements, including data processing agreements, or other legal agreements relating to privacy and data protection. Provide guidance and advice on appropriate data protection terms and conditions for agreements including vendor, supplier, customer and employee agreements, as well as RFP’s, bids, and strategic business partnerships.
Provide input on data protection and privacy legal and regulatory requirements relating to new product and business proposals;
Support data protection and privacy efforts relating to transaction due diligence and integration of acquisitions within the businesses;
Support for administrative and operational projects as requested by manager including budget planning and tracking, monitoring, development of strategic priorities and metrics; support of continuous improvement initiatives, and development and preparation of applicable reports;
Provide legal advice and guidance for the Global Program’s development and implementation of core privacy program elements as requested.
Other responsibilities as assigned from time to time.
IN ORDER TO BE CONSIDERED FOR THIS POSITION, THE FOLLOWING BASIC QUALIFICATIONS MUST BE EVIDENT ON YOUR RESUME:
Law Degree from a well-regarded and accredited university, with admission to practice law in Minnesota or at least one State
YEARS OF EXPERIENCE:
10+ years as a practicing lawyer with experience and knowledge of data protection/privacy requirements, laws and regulations in the US
SPECIALIZED KNOWLEDGE/SKILLS REQUIRED:
Knowledge of and experience providing legal advice and business solutions relating to US data protection and privacy laws and regulations – with specific expertise relating to HIPAA and State requirements;
Experience providing legal advice, support and business solutions for a data protection, privacy, security, or equivalent function directly or indirectly for a large, regulated and matrixed organization;
Strong expertise to provide legal advice and lead drafting of commercial agreements, contracts, vendor agreements, data transfer agreements; etc. as applicable;
Proven track record of successful and broad influence management
Legal experience in the healthcare industry
Strong ability to influence across functions and businesses to negotiate and gain cooperation on operational issues and internal divergent objectives
Demonstrated ability to work across a matrixed or virtual organization and still meet objectives
Experience and demonstrated ability to present to a variety of audiences including the ability to translate technical information
Familiarity with HIPAA, Breach Notification laws, ISO and other standards bodies and international standards
Demonstrated ability to manage multiple competing priorities simultaneously;
Demonstrated ability to utilize excellent decision-making skills;
Excellent advocacy and negotiation skills;
Excellent written and oral communication skills. Adept at analyzing and interpreting laws and regulations and providing business solutions
Demonstrated experience building positive relationships with a variety of stakeholders, including with employees, clients, senior management, external parties/authorities and suppliers;
Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life. We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be. We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let’s work together to address universal healthcare needs and improve patients’ lives. Help us shape the
Founded in 1949 as a medical repair company, we're now among the world's largest medical technology, services and solutions companies, employing more than 89,000 people worldwide, serving physicians, hospitals and patients in over 155 countries. With our European Operations Center for Distribution and Shared Services in Heerlen, the Bakken Research Center in Maastricht, our manufacturing facility in Kerkrade, and the Dutch sales office in Eindhoven, Medtronic Netherlands has more than 1,750 employees.
Whatever your specialty or ambitions, you can make a difference at Medtronic - both in the lives of others and your career. Join us in our commitment to take healthcare Further, Together.