Associate General Counsel, US Data Protection, Privacy, and Security

View full description

Requirements:

• 7+ years of legal experience, preferably in the health and wellbeing sector with a focus on privacy.
• In-depth knowledge of US data privacy regulations including HIPAA, CCPA/CPRA.
• Experience with worldwide data protection and AI regulations, preferred.
• Exceptional business acumen and ability to manage multiple projects efficiently.
• Strong sense of ownership and accountability over assigned tasks.
• Experience in scaling legal processes and policies.
• Relevant data privacy certifications (e.g., CISP, CIPP, CHPC) strongly preferred.

Responsibilities:

• Serve as subject matter expert and lead on HIPAA compliance efforts.
• Advise on compliance with US privacy laws, including HIPAA, CCPA/CPRA, and other state privacy laws.
• Provide legal support for all aspects of the company’s data privacy and security programs.
• Partner with product, engineering, marketing, and cybersecurity teams to ensure compliance with privacy laws.
• Manage the company’s response to data breaches and security incidents.
• Draft privacy-related agreements including BAAs and Data Sharing Agreements.
• Stay updated with evolving privacy laws and their impact on the business.