Senior Data Security and Confidentiality Technical Specialist

This position can be located in Kampala, Uganda; Addis Ababa, Ethiopia, Nairobi, Kenya; Ho Chi Minh, Vietnam; Seattle, Washington DC, San Francisco, United States; Johannesburg, South Africa

PATH is a global organization that works to accelerate health equity by bringing together public institutions, businesses, social enterprises, and investors to solve the world’s most pressing health challenges. With expertise in science, health, economics, technology, advocacy, and dozens of other specialties, PATH develops and scales solutions—including vaccines, drugs, devices, diagnostics, and innovative approaches to strengthening health systems worldwide

International development and global health represent one of the greatest opportunities for the impact of digital technologies on a global scale. New technologies, approaches and tools are emerging daily, unfortunately into a fragmented and immature digital health market landscape that currently limits their promise to transform country health systems and accelerate and amplify progress towards national and global health goals.

The Center of Digital and Data Excellence (CoDE) is working on a project funded by the US Centers for Disease Control and Prevention to develop, implement, use, and evaluate interoperable health information systems to achieve HIV/AIDS and TB epidemic control through improved health informatics policy, governance, workforce capacity, and systems under PEPFAR.

Under this award, PATH is working with CDC’s Health Informatics Team (HIT) to implement several organizational objectives, one of which is the development of generic data security and confidentiality guidance.

Data security and confidentiality guidance

Whereas data sharing is a best practice in public health, there are valid concerns about the privacy of health records, especially protected health information and other personal information. Consequences of breaches in the privacy of this information are extremely serious. Furthermore, protecting patient privacy and securing electronic health information is a shared responsibility. In providing mechanism to safeguard information without stifling its sharing, countries establish policies that outline appropriate uses and releases of information and create mechanisms for preventing and detecting violations.

Required Skills

Required Experience

  • A minimum of a Bachelor’s degree in public health or related fields such as health systems or health information.
  • Advance degree (MPH, MS, MIS, MA, Law) preferred.
  • A minimum of seven (7) years of hands-on experience in health management information systems (HMIS), data governance, and related areas, with a health or related international NGO or bilateral/multilateral organization.
  • Background and expertise in legal, data compliance, audit or IT security
  • Knowledge of data protection legislation, particularly GDPR and alike national laws
  • Experience developing guidelines and protocols for data sharing, access, use and protection.
  • Familiarity with computer security systems
  • Experience in conducting data protection impact assessments.
  • Strong technical writing skills.
  • Experience and skills in high-level workshop facilitation.
  • Experience in facilitating discussions among various stakeholders to achieve consensus.
  • Experience working remotely with diverse teams of geographically distributed employees with multiple perspectives (think global coalitions, associations, or working groups) to set strategies and execute them successfully.
  • Experience building a strategic privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI), paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up to date.
  • Experience drafting new and amend existing data protection policies, guidelines, and procedures, in consultation with key stakeholders.
  • Expertise in European data protection laws and practices including an in-depth understanding of the General Data
  • Protection Regulation (GDPR)
  • Ability to communicate fluently in English.
  • Candidates must have legal authorization to work in the country of application.

PATH is dedicated to building an inclusive workforce where diversity is valued.

PATH is an equal opportunity employer. Every qualified applicant will be considered for employment. PATH does not discriminate based on race, color, religion, gender, sexual orientation, gender identity, genetic information, age, national origin, marital status, disability status, political ideology, military or protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
PATH has become aware of scams involving false job offers.*

Please Advise

Please report any suspicious communications to careersitehelp@path.org.

PATH will never ask for a fee during any stage of the recruitment process.
All active jobs are advertised directly on our career’s page.
Official PATH emails will always arrive from an @path.org address.


Click “APPLY FOR JOB” button above to apply for this job.

About PATH

PATH is an international organization that drives transformative innovation to save lives and improve health, especially among women and children. We accelerate innovation across five platforms-vaccines, drugs, diagnostics, devices, and system and service innovations-that harness our entrepreneurial insight, scientific and public health expertise, and passion for health equity.