Head of Compliance (HIPAA) and Security

1 month ago
Full-time
Senior
Cybersecurity
Bask Health

Bask Health is the compliant, accessible, and no-code platform for telehealth, providing EMR, payment processing, pharmacy fulfillment, a website builder, and a patient management system. It's the Shopify for E-Prescribing.

Internet Software & Services
1-10

Description

  • Provide strategic and operational legal support on cybersecurity, data privacy, artificial intelligence, and data governance matters.
  • Develop, implement, and maintain data governance, security, privacy, and compliance frameworks and policies.
  • Serve as the Privacy Officer and primary authority on HIPAA Privacy Rule and Security Rule requirements.
  • Ensure compliance with global, federal, state, and emerging privacy laws, including GDPR and CPRA.
  • Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations.
  • Lead internal audits, risk assessments, and incident response planning.
  • Manage relationships with outside counsel, regulators, and third-party vendors on compliance matters.
  • Educate staff on data handling, privacy practices, security threats, and HIPAA obligations.
  • Monitor evolving privacy legislation and assess its impact on the organization.
  • Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs).
  • Represent the organization in regulatory investigations, breach notifications, remediation efforts, and related regulatory proceedings.

Requirements

  • J.D. from an accredited law school.
  • Active bar membership in New York is required.
  • 4 to 6 years of experience in health law, data privacy, or cybersecurity law.
  • Deep expertise in HIPAA/HITECH, state privacy laws, and corporate data security standards.
  • Experience advising on or litigating data breach, privacy, or regulatory enforcement matters.
  • Familiarity with NIST, SOC 2, ISO 27001, or similar security frameworks.
  • Strong understanding of emerging technologies, cloud infrastructure, AI, and their legal implications.
  • IAPP Certified Information Privacy Professional (CIPP) designation or similar is a bonus qualification.
  • Certified HIPAA Professional (CHP) or equivalent is a bonus qualification.
