Health Information Privacy and Data Protection Manager, Google Health, Palo Alto, CA

As the Health Information Privacy and Data Protection Manager, you’ll work alongside other members of the Health Information and Data Protection team to ensure compliance of Google Health and its products with information governance standards, data protection and data privacy standards and regulations.

You will support the development of software by providing Information Governance domain expertise during all stages of product delivery, interacting with teams across Product, Quality, Risk & Safety, Deployment, and Infrastructure Security. You will provide input into the delivery of data protection, privacy, statutory and regulatory compliance, and identify areas of risk and exposure associated with information governance.


  • Ensure products and company protocol comply with applicable health information privacy regulations, standards and internal policies and procedures, including managing compliance with HIPAA, CCPA (and other state privacy laws) and GDPR
  • Develop and review privacy policies and procedures for Google Health, in line with regulator requirements
  • Help implement and operationalize new and existing policies and procedures for assigned Google Health line of business, including developing and delivering targeted privacy training and raise awareness of privacy best practices throughout your assigned line of business and Google Health
  • Support the appropriate and secure use and disclosure of personal information through the performance of privacy reviews, privacy impact assessments and other activities designed to assess compliance
  • Implement and support privacy-by-design activities for assigned applications, products and solutions

Minimum qualifications:

  • Bachelor's degree or equivalent practical experience in information technology, business, healthcare or biology-related field.
  • 10 years of experience working with US and European data privacy and information security standards and regulations
  • Experience in health information privacy
  • Experience working with product management and development teams to implement privacy controls in products, solutions and processes

Preferred qualifications:

  • Master's degree, Juris Doctor or other advanced degree, or related work experience
  • CISSP, Security + or other information security certifications
  • CIPP/CIPM/CIPT/ISEB or other data privacy certifications
  • Experience with HIPAA Privacy & Security Rules, GDPR, CCPA, ISO 27001, ISO 27018, HITRUST and/or NIST 800-53
  • Consulting or advisory experience on privacy matters (internal or external clients)
  • Experience in research organizations, a start-up or consumer healthcare organization

Application Submission Information:

Apply online at