Certified Data Privacy Consultant – Healthcare Gulf Power Alliance

Job Description :
We are seeking a Certified Data Privacy Consultant with strong expertise in healthcare data protection and compliance. The ideal candidate will have experience implementing privacy frameworks, performing audits, and ensuring regulatory compliance across HIPAA, GDPR, and local laws. The candidate will advise, monitor, and train teams on data privacy best practices.

Key Responsibilities:
Develop data governance and privacy policies aligned with regulatory requirements and tailored to healthcare environments.

• Define stakeholder roles and responsibilities, and establish oversight mechanisms such as Privacy Committees within hospitals or clinics.
• Create privacy documentation, notices, and consent forms review and update employee and patient privacy statements.
• Support data mapping and inventory processes for healthcare systems, including electronic health records (EHR).
• Define encryption and security requirements for patient data and healthcare IT systems.
• Establish data minimization practices and role-based access controls specific to medical information handling.
• Implement privacy-by-design principles across healthcare applications, digital health platforms, and clinical systems.
• Develop data retention and disposal protocols in line with medical record-keeping regulations.
• Identify and assess vendor management and third-party risks in healthcare service provider networks.
• Create policies for cross-border transfer of health data while ensuring compliance with local and international laws.
• Establish record-keeping processes for compliance with healthcare data protection regulations.
• Design and execute privacy audits and risk assessments in hospitals, clinics, and health insurance organizations.
• Create and conduct data breach simulation exercises tailored to healthcare settings to strengthen incident response readiness.

Qualifications & Skills:

• Bachelor’s or Master’s degree in Information Security, Computer Science, Law, Health Informatics, or a related field.
• Certified Data Privacy Professional (CIPP, CIPM, CIPT, or equivalent).
• Strong understanding of healthcare data regulations (e.g., HIPAA, PDPL, GDPR for health data).
• Experience in developing and implementing privacy frameworks for hospitals, clinics, or health insurance organizations.
• Knowledge of Electronic Health Records (EHR) systems, patient data confidentiality, and medical information handling.
• Strong technical expertise in data encryption, access control, and healthcare IT security frameworks.
• Experience with privacy audits, risk assessments, and third-party risk management in health sector ecosystems.
• Excellent communication, stakeholder engagement, and policy development skills tailored for healthcare environments.
• Ability to work independently and provide expert consulting support to senior management in the health industry.