Privacy Specialist

US, US, CA - San Diego

Minimum Level of Education Required: Bachelors Degree

Percentage of Travel: Up to 25%

Location: CA - San Diego

Ref#: 17669

Job Description

Summary Statement:

NuVasive, Inc. is seeking to hire an experienced Privacy Specialist capable of developing and maintaining its Global Privacy Program, data security and information governance.  The candidate will report to the Risk Management Leader/Privacy Officer and the position is part of the Global Risk & Integrity Department (GRI). 

In collaboration with the Company’s Privacy Officer and GRI Leaders, this candidate will help implement security safeguards, including but not limited to: security risk analysis and management, monitoring and reviewing system access, following up on and mitigating security incidents. This individual also participates in project planning, implementation and post-implementation activities to support corporate policies and procedures concerning safeguarding of the organization’s confidential information.  The position actively helps ensure the organization is in compliance with HIPAA, GDPR and other applicable federal, state and international laws, regulations and guidance concerning the safeguarding of confidential information; company policies and procedures concerning safeguarding of confidential information; and the organization’s rules regarding business ethics and professional conduct. 

Key Responsibilities:

Top 3 Responsibilities:

  1. Coordinates the development, modification, implementation and evaluation of organization-wide information privacy and security policies and procedures, as required by HIPAA, GDPR and other applicable federal, state and international laws, regulations and guidance;
  2. Maintains current knowledge of applicable privacy laws, and accreditation standards (as applicable) and develops and implements organizational information privacy and security training;
  3. Monitors advancement in information privacy technologies to ensure organizational adoption and compliance.

Primary Job Duties:

  1. Collaborates with the Privacy Officer, GRI team members, and other stakeholders (e.g., Legal, Human Resources, Accounting, Information Technology, Clinical Services and Sales) to further develop (and ensure compliance with) various aspects of the organization’s Global Privacy Program, including but not limited to the following:
  2. Facilitates the creation and implementation of the Company’s information privacy policies and procedures;
  3. Performs privacy gap analyses, security risk assessments, and ongoing compliance monitoring activities in coordination with the Company’s other compliance and operational assessment functions;
  4. Assesses effectiveness of the Company’s privacy, data security and corporate record programs while recommending improvement opportunities;
  5. Collaborates with internal and external legal counsel and appropriate department heads to ensure the Company has and maintains appropriate privacy and confidentiality agreements, information notices and materials reflecting current organization and legal practices and requirements.
  6. Establishes and maintains processes and procedures to track access, use and disclosure of data, including “protected health information” as defined by HIPAA, “personal data” as defined by GDPR, and other individually identifiable information.
  7. Identifies potential areas of compliance vulnerability and risk, develops and implements corrective action plans for resolution of issues and concerns.
  8. Reviews processes and procedures for compliance with regulatory and audit requirements;
  9. Performs periodic reviews of systems, applications and network configurations, access and activity to ensure compliance with data security policies, procedures, standards and legal and regulatory compliance. Documents the review results and maintains records for audit and reporting purposes.
  10. Responds to potential violations of rules, regulations, policy, procedures and standards of conduct by investigating and evaluating the situation and circumstances.

Other Duties and Responsibilities:

  • Leads by example to implement effective policy and procedures;
  • Demonstrates the ability to work under stress, interruptions and tight deadlines;
  • Able to understand complex business strategy, interpret what will be needed to achieve objectives, and formulate a plan of action to close the gap;
  • Highly motivated, self-starter who collaborates well with others;
  • Performs other duties and provides support in varied areas, as assigned.


Additional Responsibilities/Requirements:

  • Perform duties in compliance with applicable FDA and state regulations as well as standards including, but not limited to, ISO 13485.

Nature and Scope:

  • Guided by GRI functional area strategy; implements policies and defines approach to privacy strategy achievement;
  • Works on issues where analysis of situations or data requires an in-depth knowledge of organizational and business objectives;
  • Establishes and assures adherence to budgets, schedules, work plans, and performance requirements;
  • Regularly interacts with senior management on matters concerning the GRI functional areas.
  • Requires the ability to change the thinking of, or gain acceptance from, others in sensitive situations, without damage to the relationship.

Basic Qualifications

Experience & Skills:

  • Bachelor’s degree required, with a minimum of two years’ experience in privacy;
  • International Association of Privacy Professionals (IAPP), Health Care Compliance Association (HCCA) or other privacy industry certifications preferred;
  • Experience in developing policies, procedures, training programs, compliance assessment and monitoring tools and techniques;
  • Experience in a hands-on and collaborative approach to solving and/or resolving issues, as well as planning and executing complex projects;
  • Sound working knowledge of current international, Federal and State healthcare and privacy laws and regulations and skills in researching international, Federal and State laws, rules and regulations;
  • Independent and objective thinker, able to advance ideas and influence others, manages conflicts in an open and constructive manner;
  • Must possess attention to detail and logical reasoning, and be able to formulate ideas and opinions to implement short- and long-term plans and solutions;
  • Must be able to interpret, correlate and implement programs that maintain compliance with rules, laws and regulations;
  • Demonstrated ability to think strategically and to assist in the organization and management of a cross-functional team is necessary;
  • Must be able to manage and prioritize multiple tasks/projects, work autonomously, and meet deadlines;
  • Must have strong organizational skills to operate independently with considerable initiative, applying a high level of discretion, sound judgment, and confidentiality;
  • Must possess excellent written and verbal communication skills;
  • Must maintain congenial, professional and collaborative relationships with internal and external parties; and
  • Proficient working knowledge of Microsoft Office.

Preferred Qualifications


NuVasive is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. The “EEO is the Law” poster options are available here.

About NuVasive
NuVasive, Inc. (NASDAQ: NUVA) is the leader in spine technology innovation, focused on transforming spine surgery and beyond with minimally invasive, procedurally-integrated solutions designed to deliver reproducible and clinically-proven surgical outcomes. The Company’s portfolio includes access instruments, implantable hardware, biologics, software systems for surgical planning, navigation and imaging solutions, magnetically adjustable implant systems for spine and orthopedics, and intraoperative monitoring service offerings. With $962 million in revenues (2016), NuVasive has an approximate 2,300 person workforce in more than 40 countries serving surgeons, hospitals and patients. For more information, please visit