Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
We currently have a full-time job opening for an IT Privacy and Data Protection Manager
Information Security and Risk Management (ISRM) at Cardinal Health exists to ensure the availability, integrity and confidentiality of critical healthcare infrastructure that safeguards the patient. Our mission is to promote a culture that protects information assets, manages risk and embeds security and controls in people, process and technology.
The main responsibility of this role is to lead the overall IT privacy compliance program including defining, implementing and ensuring effective execution of IT controls to compliance with local, national and international privacy regulations such as GDPR (General Data Protection Regulation) and the CCPA (California Consumer Privacy Act).
This role is a senior position within the team and will work with all members of the Information Security and Risk Management team as well as privacy leaders in Legal, Ethics & Compliance and our various businesses throughout the Cardinal Health enterprise.
Additional responsibilities include:
Lead overall IT privacy and data protection compliance program
Implement compliance program to address local, national and international IT privacy and data protection requirements (both regulatory and contractual)
Collaborate with IT and business leaders to conduct compliance assessments
Advise and assist the IT organization in remediation and compliance of privacy and data protection requirements
Interface with Legal counsel and Ethics & Compliance leaders to address regulatory or compliance issues, concerns or questions
Partner with IT and IT Security in the development of policies, procedures and practices in support of privacy and data protection compliance
Identify opportunities to automate various privacy and data protection compliance activities to reduce the overall cost of compliance
Support additional IT general controls effectiveness efforts over infrastructure and applications as a "second line of defense"
Prior IT compliance, IT audit, IT risk assessment or IT privacy experience is a requirement
Security or risk certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) and/or CIPP (Certified Information Privacy Professional) certifications are a plus
Bachelors degree in related field or equivalent work experience
8+ years experience in related field preferred
Ideal candidate will have excellent communication skills with leaders at all levels within the organization, an ability to work in a matrixed environment to drive results, and the ability to clearly define and execute repeatable processes.
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.