Corporate Counsel, Privacy and Data Security

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Corporate Counsel, Privacy and Data Security in the United States.

This role is a senior legal position focused on shaping and operationalizing enterprise-wide privacy, data protection, and data security governance within a fast-evolving healthcare and technology environment. The Corporate Counsel will act as a key advisor across the organization, helping define how data is responsibly used, shared, and protected across clinical, operational, and digital initiatives. This position plays a critical role in balancing regulatory compliance with innovation, enabling teams to move quickly while operating within clear legal and ethical guardrails. You will work closely with cross-functional stakeholders across legal, security, product, IT, and commercial teams to guide complex decisions involving sensitive data and emerging technologies. The environment is highly collaborative, fast-paced, and mission-driven, with strong exposure to enterprise strategy and executive leadership. This is a high-impact individual contributor role with broad organizational influence.

• Lead and continuously evolve the enterprise privacy and data security governance framework, including policies, standards, and operational guidelines aligned with U.S. healthcare and privacy regulations.
• Provide legal guidance on data protection, healthcare privacy (including PHI), data security, retention, and compliant data use across products, analytics, and enterprise operations.
• Advise on high-risk and complex data initiatives, including digital tools, AI use cases, website tracking, member communications, and data-sharing arrangements.
• Draft, negotiate, and manage a wide range of commercial and technology agreements, including BAAs, SaaS contracts, NDAs, licensing agreements, and vendor arrangements.
• Lead privacy and data security incident response activities, including breach assessments, regulatory notifications, and coordination with internal and external stakeholders.
• Support regulatory audits, investigations, and compliance reviews while translating evolving legal and regulatory requirements into actionable business guidance.
• Collaborate with cross-functional teams to embed privacy-by-design principles into product development, procurement, marketing, and vendor management processes.

Requirements:

• Active license to practice law with 6–8+ years of experience in privacy, data security, or related legal practice, preferably in healthcare or technology environments.
• Strong expertise in U.S. privacy and data protection laws, including HIPAA/HITECH, CCPA/CPRA, and other evolving state privacy regulations.
• Proven experience developing and operationalizing privacy programs, governance frameworks, policies, and scalable legal processes.
• Strong background in drafting and negotiating complex commercial agreements, including BAAs, SaaS contracts, and data protection terms.
• Experience handling privacy incidents, breach response processes, and regulatory communications or audits.
• Ability to translate complex legal and regulatory concepts into clear, practical guidance for business and technical stakeholders.
• Strong judgment, communication skills, and ability to influence across cross-functional and executive-level audiences in a fast-paced environment.
• Preferred experience in healthcare delivery systems, Medicare Advantage, value-based care, or AI/ML governance frameworks.

Benefits:

• Competitive annual salary ranging from $153,000 to $191,300, based on experience and qualifications.
• Comprehensive healthcare benefits including medical, dental, and vision coverage.
• Retirement savings plan and additional financial wellness programs.
• Remote-first work model with flexibility across the United States.
• Paid time off, holidays, and additional leave policies supporting work-life balance.
• Exposure to enterprise-level strategic initiatives in a mission-driven healthcare environment.
• Professional growth opportunities in privacy law, healthcare regulation, and emerging technology governance.