Head of Compliance – HIPAA and Security

Vaga não está no LinkedIn

🕒 Abril 14

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Bask Health

SiteLinkedInTodas as Vagas

11 - 50 funcionários

⚕️ Seguro de Saúde

☁️ SaaS

🛍️ Comércio Eletrônico

💰 Pre Seed Round em 2022-05

Healthcare Insurance • SaaS • eCommerce

Bask Health é uma plataforma robusta que oferece um conjunto abrangente de soluções personalizáveis de telessaúde. Oferece ferramentas como um construtor de questionários, portais para pacientes e serviços de atendimento farmacêutico, todos seguros com forte criptografia e conformidade com a HIPAA. Bask Health integra perfeitamente telessaúde e comércio eletrônico, permitindo um atendimento ao paciente simplificado desde a consulta até a entrega. A plataforma apoia empreendedores, médicos e desenvolvedores, oferecendo soluções escaláveis e sem código que melhoram a experiência do usuário e o crescimento dos negócios. Com sua rede nacional de farmácias, a Bask Health capacita as empresas a gerenciar eficientemente prescrições, dados de pacientes e atendimento de pedidos em todo o cenário de saúde digital.

Descrição

• Reporting to the General Counsel this position provides strategic and operational legal support across legal issues in cybersecurity, data privacy, artificial intelligence, and data governance. • Develop, implement, and maintain the organization's comprehensive data governance and security, privacy and compliance frameworks and policies. • Serve as the Privacy Officer and primary legal and operational authority on HIPAA, including Privacy Rule and Security Rule requirements. • Ensure adherence to global, federal, state and emerging privacy laws (GDPR, CPRA, etc.), as applicable. • Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations. • Lead internal audits, risk assessments, and incident response planning. • Manage relationships with outside counsel, regulators, and third-party vendors on compliance matters. • Educate staff on data handling, privacy practices, and security threats. Organize and oversee employee training programs on data privacy, security protocols, and HIPAA obligations. • Monitor evolving federal and state data privacy legislation and assess organizational impact. • Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs). • Represent the organization in regulatory investigations or breach notification proceedings, remediation efforts, and regulatory notifications.

🎯 Requisitos

• J.D. from an accredited law school and active bar membership required in NY • 4 to 6 years of experience in health law, data privacy, or cybersecurity law • Deep expertise in HIPAA/HITECH, state privacy laws, and corporate data security standards • Experience advising on or litigating data breach, privacy, or regulatory enforcement matters • Familiarity with NIST, SOC 2, ISO 27001, or similar security frameworks • Strong understanding of emerging technologies, cloud infrastructure, AI, and their legal implications • Bonus Qualifications • IAPP Certified Information Privacy Professional designation (CIPP) or similar • Certified HIPAA Professional (CHP) or equivalent