Reporting to the Chief Privacy and Innovation Governance Officer, the Chief Privacy Counsel will lead the Privacy Legal team; counsel on high-profile issues related to privacy, cybersecurity, data use, and technology matters; and partner closely with IT, Cigna Information Protection, Data Governance, Digital & Analytics, Government Affairs, and Enterprise Risk Management. This role requires expertise in HIPAA, state and federal privacy laws, data use regulations, and breach notification laws; seasoned judgment; diplomacy; exceptional communication skills; and a demonstrated ability to identify and resolve issues proactively.
The ideal candidate will have experience working for large healthcare organizations; navigating complex regulatory environments; prudently managing outside counsel budgets and vendors; and exercising sound legal and business judgment. They will thrive in a fast-paced environment; work effectively in a matrixed organization across all levels of leadership; have excellent interpersonal, communication, and presentation skills; think strategically; and act decisively.
Location:
Bloomfield, CT preferred. Hybrid. Open to alignment with one of Cigna’s office locations.
Responsibilities
Leads a team of high-performing attorneys who:
- Counsel the enterprise with respect to the response to information incidents and data breach response.
- Negotiate privacy, security and data related language in contracts with clients and vendors.
- Support the enterprise’s M&A efforts by providing advice on all data, cyber and privacy related issues.
- Provide guidance on the appropriate methodology to de-identify data.
- Provide guidance on the development and administration of privacy notices and privacy policies.
- Provide guidance on the development and administration of data, cyber and privacy training.
- Work with Government Affairs to develop positions with respect to key legislative and regulatory developments.
- Engage with regulators on issues related to data, cyber and privacy.
- Work with Cigna Information Protection on developing a relationship with the FBI and other agencies focused on combating cyber-crime.
- Provide subject matter expertise and proactive legal guidance to the business regarding all legal and regulatory issues related to privacy, security and data.
- Intake, assess and communicate the requirements of all new laws and regulations related to privacy, security and data.
Qualifications
- Juris Doctor required.
- 10+ years regulatory compliance experience, with prior 8 focused on healthcare privacy; in-house privacy experience at a large, matrixed healthcare company preferred.
- Deep understanding of HIPAA, state and federal privacy laws, data use regulations, and breach notification requirements.
- Extensive experience assessing and mitigating legal risks associated with privacy and data governance, cybersecurity, data and digital transactions, and consumer experience.
- Demonstrated ability to work collaboratively with cross-functional teams and provide clear, concise, and actionable legal guidance.
- Strong contract negotiation skills.
- Understands the importance of supporting business leaders to enable sustainable growth.
- Adept at interacting with regulators and enforcement agencies.
- Demonstrated ability to lead, mentor, and develop legal teams in a fast-paced environment.
- Experience prudently managing outside counsel spend
- Highly collaborative individual with the ability to influence others and build strong professional relationships.
- Consistent sound judgment and strong analytic abilities.
- Outstanding verbal and written communications skills.
- Demonstrated ability to effectively manage complex and significant legal and contractual issues.
- Strong, independent decision-making ability.
- Intellectual flexibility: adept at reassessing priorities to ensure that internal and external expectations are fulfilled.
- Strong ability to navigate through barriers to drive successful initiatives throughout the business.
- Experience prudently managing outside counsel spend.
If you will be working at home occasionally or permanently, the internet connection must be obtained through a cable broadband or fiber optic internet service provider with speeds of at least 10Mbps download/5Mbps upload.
About The Cigna Group
Doing something meaningful starts with a simple decision, a commitment to changing lives. At The Cigna Group, we’re dedicated to improving the health and vitality of those we serve. Through our divisions Cigna Healthcare and Evernorth Health Services, we are committed to enhancing the lives of our clients, customers and patients. Join us in driving growth and improving lives.
Qualified applicants will be considered without regard to race, color, age, disability, sex, childbirth (including pregnancy) or related medical conditions including but not limited to lactation, sexual orientation, gender identity or expression, veteran or military status, religion, national origin, ancestry, marital or familial status, genetic information, status with regard to public assistance, citizenship status or any other characteristic protected by applicable equal employment opportunity laws.
If you require reasonable accommodation in completing the online application process, please email: SeeYourself@cigna.com for support. Do not email SeeYourself@cigna.com for an update on your application or to provide your resume as you will not receive a response.
The Cigna Group has a tobacco-free policy and reserves the right not to hire tobacco/nicotine users in states where that is legally permissible. Candidates in such states who use tobacco/nicotine will not be considered for employment unless they enter a qualifying smoking cessation program prior to the start of their employment. These states include: Alabama, Alaska, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Maryland, Massachusetts, Michigan, Nebraska, Ohio, Pennsylvania, Texas, Utah, Vermont, and Washington State.