Need help hiring top legal talent? Contact our team.
Company logo

Global Legal Director, Privacy

$198,400- $297,600/ year
Posted Mar 27
Full Time
On Site
Los Angeles, California

Job Description

 
 
Careers that Change Lives

This position requires a seasoned corporate generalist attorney with deep expertise in privacy matters affecting a HIPAA covered entity.  You will partner closely with executive-level business leaders, engaging in discussions related to business strategy, as well as legal and compliance matters across all functional areas of the business.  You should possess a keen ability to identify issues and find solutions, maintaining a focus on continuous improvement.  Demonstrating a strong sense of urgency and a track record of efficiently handling multiple priorities while aligning with the Medtronic Mindsets and Mission will be essential for achieving success in this role.

When you join Medtronic Diabetes, you become a member of our global team of dreamers and doers who are working tirelessly to reduce the burdens for people living with diabetes. Diabetes is a terrible disease because you cannot take a break from it. One in 10 people are diagnosed with Type 1 Diabetes and another 2.8M develop insulin intensive Type 2 Diabetes. Typically, someone living with diabetes is faced with hundreds of decisions a day: I’m hungry, what do I eat, how many carbs are in this meal, how much insulin do I take…

Medtronic Diabetes is working on next generation sensors, Continuous Glucose Monitoring (CGM), insulin delivery medical devices and software to alleviate this burden. The innovations in the diabetes field are at the nexus of closed loop automation, medical sensors and digital experience. Medtronic’s overall mission is to alleviate pain, restore health and extend life. That’s why our employees experience a sense of meaning, blended with diverse career opportunities in a dynamic, purpose-driven environment.  The Diabetes operating unit is working with the global community to change the way people manage their disease.  Together, we will transform diabetes care by expanding access, integrating care, and improving outcomes so people living with diabetes can enjoy greater freedom and better health.

This position would ideally be located in Northridge, CA, but could also have a remote location for the right candidate with the understanding that the individual may be expected to travel as needed.  This position reports to the Chief Legal Counsel for the Diabetes Operating Unit and works closely with the other regional and corporate legal and compliance partners.  

A Day in the Life

Responsibilities may include the following and other duties may be assigned.

  • Privacy Legal Counsel:  Advise the business, a HIPAA covered entity with a US direct to patient business model, on privacy related matters regarding compliance, data governance, regulatory interpretation and all domestic and international privacy related regulations affecting the business.  You will collaborate closely with Medtronic’s Data & Privacy COE to provide expert legal advice and guidance to internal teams, executive management and stakeholders on all matters related to privacy.  Globally, you will work with our COE, regional attorneys and privacy professionals to ensure regulatory compliance and best practice implementation.  Domestically, you will focus on a wide range of business operations activities, practices and standards to meet US state and federal privacy regulatory requirements such as HIPAA, TCPA, COPPA, CAN-SPAM, breach notification laws, FTC requirements and requirements of ISO and other privacy frameworks. 
      • HIPAA Compliance: Lead and oversee HIPAA compliance efforts, including the development, implementation and maintenance of policies and procedures to protect patient information.
      • Privacy Advising: Advise on a wide variety of privacy-related matters, including in support of product development, technical requirements, mobile applications, marketing and sales, IT projects and patient programs.
      • Privacy by Design:  Manages the legal input and implementation of our Privacy by Design program, including ongoing development of standards, policies and playbook guidance for our software and product teams to incorporate privacy into the product life cycle.
      • Risk Assessment:  Conduct risk assessments and audits to identify and mitigate potential privacy and security risks associated with patient data.
      • Privacy Training:  Develop and deliver privacy compliance training programs for employees to ensure awareness and adherence to domestic and global regulations.
      • Incident Response:  Lead investigations and responses to data breaches or privacy incidents in accordance with regulatory requirements and best practices.
      • Contract Review for Privacy:  Review material contracts, agreements and partnerships to ensure they align with privacy requirements and protect patient data.
      • Privacy Remediation: Ensure Operating Unit privacy-related remediations are adequately and timely resolved.
      • Regulatory Updates:  Stay current with evolving healthcare privacy laws and regulations and adapt organizational policies and practices accordingly.
      • Documentation:  Maintain accurate records and documentation related to privacy compliance efforts.
      • Litigation Support:  Assist in legal matters, disputes, or legal actions related to patient privacy and HIPAA compliance.
      • Advocacy:  Represent the organization's interests in dealings with government agencies, industry associations and other relevant bodies with regard to healthcare privacy issues.
  • Commercial Legal Counsel:  In addition to the role of lead privacy counsel, you will act as the lead commercial attorney for functional segments of the business in partnership with the Diabetes legal team – providing advice and counsel on commercial contracting, healthcare compliance and regulatory matters, M&A and strategic transactions, litigation and investigations, intellectual property and other general legal matters. 
  • Team Member:  Work closely with Medtronic Legal, Data & Privacy COE and compliance colleagues across the globe on international privacy issues including GDPR and other region and country specific regulatory frameworks.
 
Must Have: Minimum Requirements
  • Juris Doctor from a top tier law school
  • Licensed to practice law and in good standing under the Bar of at least one state or Washington D.C.
  • 8+ years of legal experience to include healthcare privacy experience
  • Experience in a law firm, corporate legal department or in-house counsel role
  • Healthcare industry experience – pharma, med-device, life sciences, etc. 
 
Nice to Have
  • 12+ years of legal experience, with at least the past 8 years having a heavy focus on healthcare privacy related matters
  • Leadership gravitas and a proven ability to influence leadership at all levels of an organization
  • An adept ability to issue spot with a solution-oriented and continuous improvement mindset
  • Prior success in effectively identifying, assessing and prioritizing compliance-related risks, such as through risk assessment, policies & procedures, training, monitoring and remediation actions
  • Experience providing legal advice, support and business solutions for a data protection, privacy, security or equivalent function for a large, regulated and matrixed organization
  • Legal and privacy experience in advising on direct-to-customer (B2C) business models.
  • Ability to identify high risk situations and provide appropriate guidance, including the ability to make courageous and unpopular decisions  
  • Excellent written and verbal communication and presentation skills
  • Ability to manage and execute multiple complex projects across multiple stakeholder groups within required timelines and expectations
  • Courage, integrity and strong ethical character
  • Strong understanding of, and ability to demonstrate, the following cultural norms:  act boldly; compete to win; move with speed & decisiveness; foster belonging; and deliver results the right way
 
About Medtronic

Together, we can change healthcare worldwide. At Medtronic, we push the limits of what technology, therapies and services can do to help alleviate pain, restore health and extend life.  We challenge ourselves and each other to make tomorrow better than yesterday. It is what makes this an exciting and rewarding place to be.

We want to accelerate and advance our ability to create meaningful innovations - but we will only succeed with the right people on our team. Let’s work together to address universal healthcare needs and improve patients’ lives. Help us shape the future.

Physical Job Requirements

The physical demands described within the Responsibilities section of this job description are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. For Office Roles: While performing the duties of this job, the employee is regularly required to be independently mobile. The employee is also required to interact with a computer, and communicate with peers and co-workers. Contact your manager or local HR to understand the Work Conditions and Physical requirements that may be specific to each role. (ADA-United States of America)

A commitment to our employees lives at the core of our values. We recognize their contributions. They share in the success they help to create. We offer a wide range of benefits, resources, and competitive compensation plans designed to support you at every career and life stage. Learn more about our benefits here

This position is eligible for a short-term incentive plan. Learn more about Medtronic Incentive Plan (MIP) here

This position is eligible for an annual long-term incentive plan. Learn more about Medtronic Long-Term Incentive Plan (LTIP) here.

The base salary range is applicable across the United States, excluding Puerto Rico and specific locations in California. The offered rate complies with federal and local regulations and may vary based on factors such as experience, certification/education, market conditions, and location. Compensation and benefits information pertains solely to candidates hired within the United States (local market compensation and benefits will apply for others).