Data Protection Program Manager [Remote]

Austin, TX /
Compliance – Compliance /
Full-Time
Everly Health is the leading digital health company at the forefront of the $300 billion dollar virtual diagnostics-driven care industry. Our mission is to improve the lives of millions with a fully integrated digital care platform for consumers and businesses. We continue to innovate in the space by delivering more care to more people on a seamless diagnostics-driven platform.

Everlywell, the consumer-initiated at-home laboratory testing brand within Everly Health, has helped over 1 million people manage their health and wellness with easy at-home tests, physician-reviewed results and actionable intelligence delivered digitally in days. You know your body best, and we believe information about the way your body works should be fully visible and available to you however and whenever you need it.

We’re looking for a hard-working, self-starter to serve as our Data Protection Programs Manager who is passionate about privacy, data security, and emerging technology. You will work on meaningful and mission-critical privacy and data protection projects to protect data and to ensure organizational compliance with laws and regulations. You will have responsibility for ensuring that Everly Health's data governance practices are robust and are consistent with best practices. This role will report to the Director of Compliance and will work with cross-functional stakeholders in the organization, including members of the product, engineering, legal, security, and operations teams.

What You'll Do:

    • Provide oversight and guidance on privacy-related initiatives, and serve as an internal subject matter expert on privacy laws and regulations including HIPAA, CCPA, and GDPR. 
    • Support security efforts including SOC2 and HITRUST certifications in collaboration with cross-functional stakeholders
    • Oversee the review, revision and approval of Everly Health privacy and security policies and procedures
    • Deliver training, awareness and business consultations
    • Create/maintain records of compliance (ie: accounting of disclosure)
    • Build and maintain data inventory / data flows
    • Manage the execution of assessment activities (ie:  HIPAA Risk Assessments)

Who You Are:

    • Bachelor’s degree required
    • Minimum five (5) years direct HIPAA HITRUST Privacy/Security experience, five (5) years of relevant, privacy, compliance or other relevant experience preferably in health care, medical device but other experience in non-health care fields will be considered.
    • Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Compliance (CHC), Certified HIPAA Professional (CHP) or equivalent professional certification is preferred
    • The successful candidate will be able to effectively partner with business areas in the development of operational solutions and strategies.
    • Highly-developed problem-solving, analytical and prioritization skills.
    • Highly effective written, oral and interpersonal communication skills to address a wide variety of sophisticated audiences.
    • Demonstrate professionalism, discretion and judgment through sound decision-making to obtain solutions through collaborative efforts with a wide-variety of offices and departments
    • Thorough understanding of state and federal statutes, laws and regulations, industry standards, trends and/or regulatory requirements in the expertise subject area.
    • Demonstrated critical thinking skills and ability to implement strategic policy recommendations.
    • Works well in a complex and evolving environment; remains adaptable to meet the needs of the organization.
    • Demonstrated project management skills including determining project scope, creating and managing project plans, facilitating effective team meetings, and completing projects required.
You'll Love Working Here:

· Venture backed by top-tier firms
· The opportunity ahead knows no bounds
· Open vacation policy
· Employee discounts
· Paid parental leave
· Health benefits
· 401(k)

NO EXTERNAL RECRUITERS - INDIVIDUAL APPLICANTS ONLY

Everly Health is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law.

HIPAA Disclaimer: This role will be in an environment that has access to protected health information (PHI) and all security standards to protect PHI must be followed.