Corporate Counsel - Privacy

Atlanta, United States

Hiscox

Hiscox is a diversified international insurance group with a powerful brand, strong balance sheet and plenty of room to grow. It is listed on the London Stock Exchange and headquartered in Bermuda.


Job Type:

Permanent

Build a brilliant future with Hiscox
 

About Hiscox

As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things.

We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions.

Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places.

Some people might say insurance is dull, but life at Hiscox is anything but. If that sounds good to you, get in touch.

The Role:

Reporting to the Head of Legal, the Corporate Counsel, Privacy serves as a key member of the legal team and will own and run data privacy operations for Hiscox US.

The right candidate has a proven background advising, owning, and operating a data privacy framework, and experience in developing, implementing, and managing the business processes and practices necessary to drive compliant privacy transformation initiatives and BAU operations simultaneously. This role will partner with the Group DPO and Privacy global team to ensure the US business maintains an effective program that is compliant with US privacy and data security laws and regulation, and is responsible for keeping abreast of all emerging laws and regulations, communicating expected impact, and recommending solutions to the business and management. This role will serve as the point person for US customer queries and will ensure all necessary and relevant privacy trainings and tools are effectively delivered to the US business. Additionally, the individual will collaborate closely with key stakeholders in Data, Risk, Claims, Operations, and Marketing to drive compliance and best practices. This role is suited to an experienced privacy professional who is comfortable taking decisions and operating as part of an embedded legal function and simultaneously part of a global privacy team.

This role will be a member of the US legal team, providing day to day legal advice and counselling to the business regarding marketing initiatives, contract negotiations, and data incident management.

Key Responsibilities:

  • Lead Privacy initiatives within the US:
    • Simultaneously run the annual US privacy program and BAU responsibilities for a leading specialist commercial insurer with growth plans in the US market.
    • Lead on the development and own the US privacy roadmap, delivering through others in Digital, Data, IT and Marketing where required.
    • Drive the development of US adherence to Group data protection and privacy policies, standards and guidelines that are consistent with US state legal and regulatory requirements.
    • Be the escalation point for US customer queries on privacy and the exercising of their rights and escalation point for teams managing these processes.
    • Manage, triage, and escalate any data incidents – actively promoting an open reporting culture with awareness and communication initiatives.
  • Advice and Counselling:
    • Research and advise the business on current and developing regulatory and legal changes that will or may affect the business; communicate in a timely manner and provide solutions.
    • Support stakeholders with the appropriate uses of personal and consumer data within Hiscox for new products, services, marketing, and changes to our business.
    • Run, support, and approve Data Privacy Impact Assessment (DPIA) processes for the US business. Raise awareness and drive best practice in completion of the DPIA processes.
    • Maintain an existing data processing inventory including an annual refresh campaign, drawing insight and reporting results to Management.
    • Provide ad hoc guidance and support for privacy and customer data related queries.
    • Work with the Learning and Development teams to produce and enhance privacy training programmes and communications.
    • Collaborate with an international network of Hiscox Privacy experts.
  • Involvement in related data initiatives and business projects:
    • Collaborate with the Data team on process reviews and advisory work to ensure the compliant use of personal data.
    • Support the Data and Digital Enablement team to ensure sensitive data protection is clearly defined, communicated, and well understood and considered as part of operational prioritization and planning.
  • Manage US third party risk assurance:
    • Ensure appropriate contract and audit management with respect to US business partners and vendors accessing or processing personal data.
    • Review, draft, and negotiate commercial contracts, including non-disclosure, vendor/supplier, software, consulting, broker, agency, and partnership agreements.

  • Project Management and Team Supervision:
    • Represent and lead on behalf of legal in various business projects and initiatives.
    • Ensure the completion of key activities such as monitoring reviews or internal audit actions.

Must Haves:

  • J.D. from an accredited law school.
  • CIPP-US or comparable certification or training.
  • Experience or knowledge of global privacy laws and practice including relevant legislation.
  • Experience with risk and control frameworks – including GRC (Governance Risk and Control) technology
  • Experience or interest in Privacy Enhancing Technology (ideally OneTrust)
  • A keen attention to detail, pride in delivery and personal accountability for areas of responsibility
  • Experience in managing privacy operations and programs.
  • Experience in digital technology and cookies technology
  • Knowledge of information security policies, standards, and best practices.
  • Capability to make and recommend risk-based judgments to senior leadership.
  • Ability to build and maintain relationships across the business and Group roles.
  • Self-motivated and able to work under pressure.
  • Ability to think strategically, designing solutions to complex problems that balance multiple inputs.
  • Experience negotiating commercial contracts, including SaaS, supplier agreements, and broker/partner and reinsurance agreements.
  • Ownership mentality with the ability to own and run an agenda of privacy.
  • Effective communication skills and ability to present to a diverse range of colleagues, with solid experience of presenting to senior leadership.

What We Offer:

  • 401(k) with competitive company matching 
  • Comprehensive health insurance, vision, dental and FSA plans (medical, limited purpose, and dependent care)  
  • Company paid group term life, short-term disability and long-term disability coverage
  • 24 Paid time off days plus 2 Hiscox days, 10 paid holidays plus 1 paid floating holiday, and ability to purchase up to 5 PTO days
  • Paid parental leave 
  • 4-week paid sabbatical after every 5 years of service 
  • Financial Adoption Assistance and Medical Travel Reimbursement Programs 
  • Annual reimbursement up to $600 for health club membership or fees associated with any fitness program 
  • Company paid subscription to Headspace to support employees’ mental health and wellbeing 
  • 2023 Gold level recipient of Cigna’s Healthy Workforce Designation for having a best-in-class health and wellness program 
  • Dynamic, creative and values-driven culture 
  • Modern and open office spaces, complimentary drinks 
  • Spirit of volunteerism, social responsibility and community involvement, including matching charitable donations for qualifying non-profits via our sister non-profit company, the Hiscox USA Foundation 

Salary range: $150k-$190k

Please note that this position is hybrid and requires working in office two (2) days per week in Atlanta (Sandy Springs/Dunwoody area).

About Hiscox US

Hiscox USA was established in 2006 to focus primarily on the needs of small and middle market commercial clients, via both the broker and direct distribution channels and is today the fastest-growing business unit within the Hiscox Group.

Today, Hiscox USA has a talent force of about 420 employees mostly operating out of 6 major cities - New York, Atlanta, Chicago, Hartford, Scottsdale, and Los Angeles. Hiscox USA offers a broad portfolio of commercial products, including technology, cyber & data risk, multiple professional liability lines, media, entertainment, management liability, crime, kidnap & ransom, commercial property and terrorism.

Diversity and flexible working at Hiscox

At Hiscox we care about our people. We hire the best people for the job and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We also understand that working life doesn’t always have to be ‘nine to five’ and we support flexible working wherever we can. No promises, but please chat to our resourcing team about the flexibility we could offer for this role.

Compensation Overview

The annual base salary range provided for this position is a nationwide market range and represents a broad range of salaries for this role across the country. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. As part of our comprehensive compensation and benefits program, employees are also eligible for performance-based cash incentive awards.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

You can follow Hiscox on LinkedIn, Glassdoor and Instagram (@HiscoxInsurance)



Work with amazing people and be part of a unique culture

Category: Compliance Jobs

Tags: CIPP Compliance Governance Monitoring Privacy SaaS

Perks/benefits: Career development Competitive pay Fitness / gym Flex hours Flex vacation Health care Insurance Medical leave Paid sabbatical Parental leave Startup environment Wellness

Region: North America
Country: United States
