Associate Director-Privacy & Data Governance (Remote)

Regulatory & ComplianceRemote, United States


American Specialty Health Incorporated is seeking an Associate Director, Privacy and Data Governance to join our Regulatory Strategic Development department. This position will work across multiple departments (development, security, operations, compliance and legal) to advance data governance requirements and privacy by design principles to ensure compliance with privacy laws and regulations applicable across the enterprise and throughout the data use lifecycle.  This position assists in developing frameworks and data mapping solutions through programs, reviews, and initiatives in the areas of privacy, data protection, governance, and security across the enterprise.  The position assists with assessing new uses of data through programs, reviews and initiatives in the areas of privacy, data protection, and governance.  The position recommends technical solutions to mitigate privacy vulnerabilities and is responsible for assisting with the management of data privacy, data protection, and data usability. The position should be knowledgeable of current programming languages and technologies, design, development and testing of applications to recommend privacy by design solutions to internal stakeholders.

This position will keep the VP, Regulatory Strategic Development/Privacy Officer/Compliance Officer (VP, RSD) and other senior management apprised of privacy and regulatory matters that will impact the company.

Remote Worker Considerations:

Candidates who are selected for this position will be trained remotely and must be able to work from home in a designated work area with company-provided technology equipment. This remote/WFH position requires you have a stable connection to your Internet Service Provider with the ability to participate by video in online meetings over a reliable and consistent network (minimum internet download of 50 Mbps and 10 Mbps upload speed).  

Salary Range

American Specialty Health complies with state and federal wage and hour laws and compensation depends upon candidate’s qualifications, education, skill set, years of experience, and internal equity. $89,300 to $130,000 Full-Time Annual Salary


  • Responsible for performance and oversight of compliance, at the direction of the VP RSD with respect to data governance functions of the Privacy Office, including managing and overseeing all aspects of the privacy program, including but not limited to data lifecycle management (data mapping, data retention and destruction) and fostering privacy-by-design principles within the enterprise.
  • Maps solutions across various datasets and provides technical advice to support compliance with regulations and industry standards regarding enterprise data within internal and external platforms.
  • Responsible for completing regular data assessments of operational processes for privacy risk assessments and impact analyses as directed by the VP, RSD.
  • Updates and completes, at the direction of the VP, RSD, annual and on-going PHI assessments for company operations.
  • Reports results of assessments to VP, RSD and conducts follow up on findings as directed by the VP.
  • Works with internal departments to complete assessments and identify and remedy compliance concerns.
  • Responsible for creating privacy frameworks and best practices to recommend to internal stakeholders to enhance privacy for data handling and technical privacy reference architecture
  • Communicates industry and regulatory developments to key stakeholders and effectively leads change management efforts across the enterprise.
  • Keeps the VP, RSD and senior management informed of all compliance issues, including legislative developments, for assigned responsibilities.
  • Provides training to advance privacy principles and requirements across the enterprise, with an emphasis on working with internal technology departments and security.
  • Researches and follows through as needed to comply with company policy, accreditation standards and state and federal regulatory requirements as well as contractual requirements for assigned responsibilities. Ensures regulatory agency and contractual deadlines are met. 
  • Responsible for Privacy Office documentation and facilitates the Data Management Workgroup and participates in (and facilitates when needed) the Privacy and Security Key Process Team. Participates as needed in other workgroups and committees as directed by the VP, RSD.
  • Responsible for ensuring the maintenance, review and development of policy, procedures, trainings and forms related to assigned Privacy Office functions.
  • Coordinates policy review with Policy Operations team to ensure timely review of company policies supporting Privacy Office.
  • Ensures all Privacy Office related procedures and forms related to responsibilities are reviewed and updated at least annually as well as in a timely manner due to changes in law, accreditation standards, contractual requirements, and company policy.
  • Provides assistance as directed by the VP, RSD with regard to training for internal departments and staff related to Privacy Office functions and materials.
  • Maintains on-going project list for Privacy Office and assigned deliverables and provides routine reports to the VP, RSD on the progress of those projects, actions items and deliverables.
  • Completes all ASH University training requirements, including required regulatory trainings, as well as ad hoc trainings required by management, within required timeframes.
  • Maintains professional certification for data governance (e.g., DAMA, IAPP).


  • Bachelor's or Master's degree in Business Management, Engineering, Computer Sciences, Law degree (J.D.) or related Data Privacy education and experience with an emphasis in information technology.
  • 5-7 years hands on Data Governance responsibility or related data architect, data engineering, data lifecycle management, privacy-by-design experience, with at least 3 years responsibility for Data Governance project management. Experience within the U.S. health insurance field preferred.
  • Professional certification through DAMA, IAPP preferred.
  • Strong understanding of privacy laws and regulations pertaining to U.S.-based health care and provider group administrative functions, fitness management and wellness programs preferred
  • Strong and conversant understanding of technological/cloud-based infrastructures and architectures related to privacy program impacts
  • Ability to evaluate, test, and deploy privacy-preserving technologies and strategies to include data lifecycle management and anonymization/pseudonymization/de-identification
  • Computer skills including word processing, Excel spreadsheets, SharePoint, OneDrive and email.

Core Competencies

  • Demonstrated ability to interact in a positive, respectful manner and establish and maintain cooperative working relationships.
  • Ability to display excellent customer service to meet the needs and expectations of both internal and external customers.
  • Excellent listening and interpersonal communication skills to identify critical core competencies based on success factors and organizational environment.
  • Ability to effectively organize, prioritize, multi-task and manage time.
  • Demonstrated accuracy and productivity in a changing environment with constant interruptions.
  • Demonstrated ability to analyze information, problems, issues, situations and procedures to develop effective solutions.
  • Ability to exercise strict confidentiality in all matters.


Primarily sedentary, able to sit for long periods of time. 

Physical Requirements

Ability to speak, see and hear other personnel and/or objects.  Ability to communicate both in verbal and written form. Ability to travel within the facility. Capable of using a telephone and computer keyboard.  Ability to lift up to 10 lbs. 

Environmental Conditions

Work-from-home (WFH) environment.

American Specialty Health is an Equal Opportunity/Affirmative Action Employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law. 

Please view Equal Employment Opportunity Posters provided by OFCCP here.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact our Human Resources Department at (800) 848-3555 x6702.

ASH will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Company’s legal duty to furnish information.