Legal Counsel – Privacy

Rugiet Health

Austin, TX
Full Time
Paid
  • Responsibilities

    About Us

    Rugiet is disrupting healthcare as we know it. With personalized plans, a growing lineup of compound pharmaceuticals, and an easy-to-use online platform, we help patients create custom sexual health and wellness plans that align with their unique goals and lifestyles.

    The Role

    We are seeking a highly skilled and experienced in-house Legal Counsel to join our team on a part-time or full-time basis. Our legal counsel will be responsible for overseeing privacy, HIPAA compliance, and contract management. This role is critical for ensuring that our company aligns with all legal requirements, safeguards sensitive data, stays HIPAA compliant, follows all privacy laws, and mitigates risk. The ideal candidate will have a strong background in privacy law, healthcare compliance, and contract negotiation, with a proven ability to provide practical legal advice in a fast-paced startup environment.

    What You’ll Do

    • Advise the organization on privacy-related matters, ensuring compliance with relevant data protection regulations, including GDPR, CCPA, HIPAA, and other global and local privacy laws.
    • Lead and manage the company’s HIPAA compliance efforts, including developing privacy policies and overseeing their implementation.
    • Stay on top of current telemedicine laws and keep the company compliant.
    • Review, negotiate, and draft contracts, including our vendor agreements, NDAs, service agreements, licensing agreements, and data protection agreements, ensuring they are legally sound.
    • Develop and maintain privacy risk management strategies and frameworks to mitigate data privacy risks and potential breaches.
    • Conduct privacy and security audits.
    • Ensure all internal departments adhere to legal and regulatory requirements related to privacy and data protection.
    • Collaborate with cross-functional teams (e.g., IT, product, security, and HR) to integrate privacy policies and practices into business operations.
    • Lead investigations into potential privacy breaches while collaborating with external counsel and regulatory bodies when necessary.
    • Educate and train staff on privacy and security issues, including HIPAA training and updates on privacy laws.
    • Monitor developments in privacy and healthcare regulations, ensuring timely implementation of changes to maintain compliance.

    Day-to-Day Duties

    • Provide legal guidance on new product features, services, and initiatives to ensure privacy and HIPAA compliance from the outset.
    • Develop and implement privacy policies and procedures, including incident response plans and data protection impact assessments.
    • Stay updated on regulatory changes and telehealth laws, and assess their impact on business practices, advising stakeholders accordingly.
    • Partner with the security and IT teams to develop robust data protection strategies, including encryption, access control, and incident management.
    • Address and resolve privacy and HIPAA-related queries from internal teams and external partners in a timely manner.
    • Monitor compliance and prepare reports on privacy and data protection efforts for senior management.
    • Manage external legal counsel on privacy-related matters as needed.

    Skills & Experience

    • 5+ years of professional experience as a legal counsel, with significant exposure to privacy laws and regulations.
    • Previous experience with privacy, data protection, and healthcare laws.
    • Extensive experience drafting and negotiating contracts.
    • Deep knowledge of HIPAA, GDPR, CCPA, and other relevant privacy laws and regulations.
    • Excellent communication skills, with the ability to clearly explain complex legal concepts to non-legal stakeholders.
    • Strong organizational skills and the ability to manage multiple priorities in a fast-paced environment.
    • Experience in managing cross-functional teams to implement compliance measures.

    Nice to Have

    • Certifications such as CIPP/US, CIPP/E, or CIPM are a plus.
    • Experience with cloud platforms and SaaS agreements.
    • Knowledge of security frameworks such as NIST or ISO 27001.
    • Familiarity with data breach response processes and regulations.
    • Experience in the healthcare or technology industry is a plus.
    • High attention to detail and a proactive approach to managing privacy risks.
    • Ability to balance legal risks with business needs while maintaining a high level of compliance.

    Benefits

    • Competitive salary and benefits package.
    • Opportunity to work in a fast-paced, innovative startup brand with a high-performing team.
    • Opportunity to make a tangible difference in the lives of our customers.