Privacy & Compliance Manager

Remote Full-time
Job Description:
• Oversee the day-to-day operation of Meditec’s U.S. privacy program, including development and maintenance of policies, procedures, training, and privacy governance documentation.
• Lead incident investigation and response, including breach assessment, remediation, and notifications to regulatory agencies and other stakeholders as required.
• Monitor and interpret international, federal, and state privacy and data protection laws (e.g., GDPR, HIPAA, CCPA/CPRA) and ensure Meditec’s collection, retention, use, and disclosure of data comply with applicable requirements.
• Conduct routine audits and assessments of privacy and data protection practices; draft reports of findings and present recommendations for technical and operational improvements.
• Lead project management efforts for implementation of new privacy tools, controls, and processes.
• Draft, review and negotiate a broad range of privacy, information security, and product security agreements, including Business Associate Agreements (BAAs), Data Transfer Agreements, customer-supplied questionnaires, and cybersecurity documentation.
• Serve as a subject matter expert on privacy and data protection, providing guidance to product engineering, IT, security, and business teams.
• Act as a liaison with Meditec affiliates and ZEISS Corporate Data Protection Office as the Data Protection Coordinator.
• Develop and deliver privacy training and workforce education addressing the handling of PHI, PII, and confidential information to foster a privacy-aware culture.
• Manage and oversee U.S. federal and state Aggregate Spend / Open Payments reporting, including data collection, validation, remediation, and submission activities.
• Actively monitor and manage external vendors, ensuring accurate data aggregation from multiple source systems.
• Evaluate data quality issues and obtain additional information from internal stakeholders or third parties when required.
• Perform analysis related to Healthcare Professionals (HCPs), including license verification, CMS validation failures, and residency determinations.
• Prepare and review aggregate spend submission reports and determine completeness and accuracy for Meditec entities.
• Submit aggregate spend data through the CMS Open Payments Portal and support company officers during attestation.
• Investigate and resolve Open Payments disputes in collaboration with internal and external partners in accordance with federal guidelines.
• Review, route, approve, and release payment for commercial sponsorship requests, ensuring adherence to company compliance policies.
• Monitor and update sponsorship and transparency guidance as regulations and internal policies evolve.
• Support compliance-related audits, investigations, and training initiatives as directed by U.S. Compliance Counsel.

Requirements:
• Bachelor’s degree required
• Five (5) or more years of experience in data privacy / data protection
• Three (3) or more years of experience in healthcare compliance (with a focus on aggregate spend / Open Payments / Sunshine Act reporting).
• Strong understanding of GDPR, HIPAA, CCPA/CPRA, and healthcare transparency laws.
• Working knowledge of CMS Open Payments reporting requirements.
• Familiarity with security and risk frameworks (e.g., NIST, ISO 27001) preferred
• Excellent analytical, organizational, and problem-solving skills.
• Strong written and verbal communication skills with the ability to influence at all organizational levels.
• Proven ability to manage vendors, complex data workflows, and cross-functional projects.
• Proficiency in Microsoft Word, Excel, and PowerPoint.
• Proactive, detail-oriented, and adaptable to changing regulatory and business priorities.

Benefits:
• Medical
• Vision
• Dental
• 401k Matching
• Employee Assistance Programs
• Vacation and sick pay
