Privacy Manager

Hi, we're Oscar. We’re hiring a Privacy Manager to join our Privacy team in our California office. 

Oscar is a technology-driven, consumer-focused health insurance startup founded in 2012 and headquartered in New York City. Our goal is to make health insurance simple, transparent, and human. We need your help to do so.

About the role:

The Privacy Manager will work under the direction of the Head of Privacy to develop, implement and maintain a comprehensive enterprise-wide privacy program that is resilient to changes in business practices, regulations and privacy expectations while enabling consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected information across the organization. 

The Privacy Manager is responsible for supporting the execution of day-to-day privacy activities under the direction of the Head of Privacy as described below.

Responsibilities:

• Support the development and implementation of a comprehensive enterprise-wide privacy program 
• Maintain privacy program documentation, including records of processing, privacy notices, policies, procedures, and data protection guides 
• Develop and manage procedures for vetting and auditing vendors for compliance with the privacy and data security policies and legal requirements 
• Draft and review the data privacy and security aspects of contracts with internal and external business partners to effectively manage and mitigate privacy risks via contract terms and conditions across a wide spectrum of clients and vendors, develop standard provisions, and escalation processes 
• Support privacy breach management activities including intake, escalation, investigation and notices 
• Support the development and implementation of system data minimization and retention strategy 
• Support the implementation and administration of privacy management technology ● Gather and document information to support privacy impact assessments and review of privacy controls 
• Support training and awareness efforts as needed and/or required to increase employee understanding of privacy policies, data handling practices, and legal obligations
• Gather and document information to support regular privacy program assessments to identify gaps in compliance and risks 
• Maintain knowledge of privacy laws, regulatory requirements and emerging issues to support enterprise adaptation, innovation and compliance 
• Other tasks as assigned by the Head of Privacy 

Requirements:

• Bachelors' Degree or commensurate experience
• 5+ years of experience in healthcare privacy risk compliance
• Experience working with U.S. privacy laws and emerging privacy trends
• Experience working with IT Security relating to Privacy
• Experience implementing and/or operating a privacy program and close collaboration with IT, Security and Data Governance functions 
• People management experience

Bonus points:

• J.D.
• CIPP/US 
• CIPM

Life at Oscar: 

At Oscar, being an Equal Opportunity Employer means more than upholding discrimination-free hiring practices. It means that we cultivate an environment where people can be their most authentic selves and find both belonging and support. We're on a mission to change health care -- an experience made whole by our unique backgrounds and perspectives.

We encourage our members to care for their whole selves, and we encourage our employees to do the same with comprehensive medical benefits, generous paid-time off, paid parental leave, retirement plans, company social events, stocked kitchens, wellness programs, and volunteer opportunities.

Reasonable Accommodation:

Oscar applicants are considered solely based on their qualifications, without regard to applicant’s disability or need for accommodation. Any Oscar applicant who requires reasonable accommodations during the application process should contact the Oscar Benefits Team (accommodations@hioscar.com) to make the need for an accommodation known.

Pay Transparency Policy:

Oscar ensures that you won't be discharged or discriminated against based on whether you've inquired about, discussed, or disclosed your pay. Read the full policy here.