Senior Counsel – Privacy Officer


This job investigates factual situations and presents well-reasoned and creative solutions and alternatives based upon independent legal research and analysis of the facts and the law, specifically managed care and privacy issues. The incumbent provides accurate legal advice and prepares effective documents based upon knowledge of federal, Pennsylvania and other applicable law, and the regulatory environment in which the Corporation and its affiliates (‘Corporation’) function. Provides regular legal support for one or more units of the Corporation and demonstrates increasing knowledge of the Corporation’s business, while retaining the discipline of legal analysis. Works cooperatively with inside counsel, and as necessary, outside legal counsel. This job also manages the activities of the privacy department and oversees all ongoing activities related to the development, implementation, maintenance of, and adherence to corporate policies and procedures and applicable federal and state privacy and breach of security laws; acts as the content expert and resource to privacy staff and internal business areas; provides policy and regulatory guidance and recommendations to business areas impacted by new and existing laws, regulations and corporate policy.


  • Communicate effectively by displaying effective oral and written communication skills.
  • Provide regular legal support for one or more units of the Organization, and demonstrate increasing knowledge of the Organization’s business.
  • Maintain positive and effective relations with other members of the Legal Department, as well as management and other staff of the Organization and outside counsel.
  • Prepare legal memoranda, contracts, pleadings, analyses, correspondences and other relevant documents.
  • Provide legal advice to management and staff.Provide accurate legal advice and prepare effective documents based upon knowledge of federal, state and other applicable law, and the regulatory environment in which the Organization functions.
  • Apply sound business judgment to the provision of legal advice.
  • Apply legal analysis to issues relating to Managed Care and Privacy.
  • Manage litigation, transactions, or other matters or work cooperatively with outside legal counsel.
  • May direct the work of outside legal counsel or facilitate the work of outside counsel to address issues effectively and efficiently, including minimizing outside legal counsel fees and expenses, as appropriate.
  • Negotiate with outside parties.
  • Must participate in any privacy or security committees or work groups and offering privacy compliance opinions to the committee/work group as well as offering alternative approaches to processes which may create vulnerabilities for the company.
  • Maintain and foster productive relationships between the Organization and group accounts, consultants, producers and other third-parties.
  • Ensure compliance with state and federal privacy and breach of security laws and privacy provisions in government, customer, vendor and strategic partnership contracts; and analyzing any changes to federal and state privacy and breach of security laws to ensure compliance and minimize risk.
  • Develop, maintain and communicate company privacy and CSI policies and procedures and any related employee education and training.
  • Advise the business areas regarding privacy and security impacts to company business, projects, products and initiatives.
  • Conduct audits and risk assessments of business areas for adherence to privacy-security policies and federal government contract requirements.
  • Investigate, mitigate and provide corrective actions plans and tracking of privacy and security incidents and breaches.
  • Manage and oversee the activities of the Privacy department.
  • Review third party agreements including business associate agreements, strategic partnership agreements, non-disclosure and confidentiality agreements; and when necessary working with Legal in negotiating and executing the final agreement.
  • Respond to inquiries relating to privacy from internal and external parties.
  • Other duties as assigned or requested.

    Juris Doctorate required.



  • Legal experience in related disciplines, such as insurance regulation, Medicaid and Medicare managed care general corporate law, contracts, and privacy law.
  • 3 years with contract drafting
  • 2 years in Managed Care
  • 2 years in a privacy position or with federal and state privacy laws.
  • Preferred:

  • 7-10 years General Legal Experience


  • License to practice law in the Commonwealth of Pennsylvania or eligible for admission within one year of hire.
  • CIPP Certification
  • Position Description »