Director, Legal Counsel

Employment Type

: Full-Time


: Legal

Director, Legal Counsel-20001LRAt Blue Shield of California we are parents, leader, students, visionaries, heroes, and providers. Everyday we come together striving to fulfill our mission, to ensure all Californians have access to high-quality health care at a sustainably affordable price. For more than 80 years, Blue Shield of California has been dedicated to transforming health care by making it more accessible, cost-effective, and customer-centric. We are a not-for-profit, independent member of the Blue Cross Blue Shield Association with 6,800 employees, more than $20 billion in annual revenue and 4.3 million members. The company has contributed more than $500 million to Blue Shield of California Foundation since 2002 to have a positive impact on California communities. Blue Shield of California is headquartered in Oakland, California with 18 additional locations including Sacramento, Los Angeles, and San Diego. We’re excited to share Blue Shield of California has received awards and recognition for – LGBT diversity, quality improvement, most influential women in corporate America, Bay Area’s top companies in volunteering & giving, and one of the world’s most ethical companies. Here at Blue Shield of California, we’re striving to make a positive change across our industry and the communities we live in – Join us!


This position reportsto the Director, Chief Privacy Official (CPO).The position is part of the Privacy Office, a division of the CorporateIntegrity and Risk Management Department within the Blue Shield Law Department.

The Privacy Officeis responsible for the oversight of Blue Shield’s Privacy Program.Blue Shield’s Privacy Program ensures that BlueShield and its affiliated covered entities (ACE), including Blue Shield ofCalifornia Promise Health Plan, are in compliance with state and federalprivacy laws, including but not limited to, the privacy components of theHealth Insurance Portability and Accountability Act of 1996 (HIPAA),the Health Information Technology forEconomic and Clinical Health Act of 2009 (HITECH), and the California MedicalInformation Act (CMIA).

Inaccordance with the Blue Shield Privacy Program, the Privacy Office reports to theAudit Committee of the Board of Directors and senior executive leadership, managesand organizes the Privacy Council; develops and implements privacy relatedpolicies and procedures; creates and deploys privacy training and education;encourages open lines of communication with workforce members, providers, vendors,customers and other third parties; acts as subject matter experts on healthcaredata privacy issues and provides proactive privacy related advice; responds toprivacy inquiries, complaints and reports of violations; conductsinvestigations and supports and/or manages all necessary sanctions and mitigationand remediation efforts; provides notifications and reporting required by law;manages privacy-related contracting and oversees business associate compliance;and conducts or otherwise assists with evaluating, auditing and monitoring privacyrelated risks.

The role of Director,Legal Counsel is critical to the Privacy Office’s ability to successfullybuild, implement and enforce Blue Shield’s Privacy Program.Specifically, the Director, Legal Counselwill be accountable for assisting the CPO and collaborating with fellow PrivacyOffice team members to achieve the following:

The role of AssistantCounsel will provide legal support to Blue Shield's Privacy Program and MandatesControl Group.

In support of BlueShield's Privacy Program, Assistant Counsel will:

  • Implement, support, andenforce Blue Shield’s Privacy Program
  • Assist in annualstrategic planning and risk assessment of the Privacy Program
  • Research, identify,review and summarize new and existing data privacy laws; maintain awareness ofindustry trends and regulatory actions; and communicate impact of these changesto Chief Privacy Officer
  • Compile and analyzeprivacy office data and statistics, items of interest, trends in the field,areas of identified risk, and changes in the law for reports to the ChiefPrivacy Officer, Audit Committee of the Board of Directors, OperatingCommittee, Privacy Council and other Blue Shield leaders
  • Assist individuals whocontact the Privacy Office with privacy-related questions and provide subjectmatter expertise as needed for each unique, individual situation
  • Act as a liaison withregulatory enforcement agencies; manage proper and timely privacy responses totechnical assistance letters, investigations, compliance reviews, audits andother reviews made by regulatory agencies, including OCR, DMHC, DHCS, LA Careand CA Attorney General 
  • In support of BlueShield's Mandates Control Group:

  • Monitor State andFederal resources for new laws, regulations and guidance impacting Blue Shield
  • Review, research,analyze and provide legal guidance to Blue Shield stakeholders on new laws,regulations and guidance impacting Blue Shield
  • Assist in determiningscope and impact of new laws, regulations and guidance on Blue Shield
  • Monitor implementationefforts of new laws, regulations and guidance that fall within the purview ofMandates Control Group
  • Apply internal auditand enterprise risk management best practices to determine areas of risk acrossthe enterprise and to verify ongoing compliance for medium to high risk mandates
  • Promote a corporate culture that understandsand values privacy compliance
  • Build strong relationships and collaboratewith workforce members throughout the Blue Shield Affiliated Covered Entities(ACE) to promote the Privacy Program and encourage privacy compliance at alllevels of the organization
  • Lead, organize and manage regularly scheduled PrivacyCouncil meetings, create and prepare agenda items, including preparation of alldata reporting; ensure appropriate attendance of Privacy Council members atmeetings; communicate with Council members as necessary outside of designatedmeetings; ensure proper documentation and retention of meeting minutes andother documentation related to Privacy Council meetings
  • Assist in annual strategic planning for the Privacy Program;develop and achieve annual goals that improve the effectiveness of the PrivacyProgram and your own personal and professional growth within the Privacy Office

  • Qualifications


  • Minimum of 10 years ofAssistant Counsel experience required
  • Juris doctorate degreerequired.
  • IAPP CIPP/US Certification or HCCACHPC Certification preferred
  • Professional:

  • Minimum of 10 years legalexperience with strong preference for experience in healthcare law. Stronglegal research and writing skills.
  • Sound knowledge of state andfederal privacy laws, including HIPAA/HITECH, CMIA, and privacy relatedconsumer protections laws, such as the Telephone Consumer Protection Act (TCPA)required; knowledge of Department of Health Care Services (DHCS) privacyrequirements for Medi-Cal Managed Care Health Plans and Centers for Medicareand Medicaid (CMS) Medicare Managed Care Plans preferred.
  • Abilityto professionally and appropriately respond to inquiries, complaints or reportsof potential violations from workforce members, business associates, customers,regulatory agencies, or other third parties required.
  • Excellent communication skills, both written and verbal, as well asrelationship building skills to collaborate with and influence all relevantstakeholders, both internal and external.
  • Strong independent judgment, problem-solving, critical andanalytical thinking skills, including a “moral compass” and high integrityrequired.
  • Ability to work with minimal supervision, to multi-task, and todeliver a quality work product in a highly regulated, demanding, and constantlychanging corporate environment required.
  • Ability to work collaboratively in a team, applying people managementand mentoring skills required.
  • Proficient in Microsoft Word, Access,Excel, PowerPoint and Outlook.
  • Experience and knowledge of compliance or privacy incidentmanagement software preferred.
  • This role will require some travel (10%or less), mostly throughout California.

  • Physical RequirementsOffice Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork – Activity level: Sedentary, frequency most of work day.
    Please click here for further physical requirement detail.


    :Compliance and Risk Management * The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

    Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...