Counsel, Health Data and Privacy

About Care Access

Care Access is working to make the future of health better for all. With hundreds of research locations, mobile clinics, and clinicians across the globe, we bring world-class research and health services directly to communities that often face barriers to care. We are dedicated to ensuring that every person has the opportunity to understand their health, access the care they need, and contribute to the medical breakthroughs of tomorrow.

Through programs like Future of Medicine, which makes advanced health screenings and research opportunities accessible to communities worldwide, and Difference Makers, which supports local leaders to expand their community health and wellbeing efforts, Care Access puts people at the heart of medical progress. By combining partnerships, technology, and perseverance, we are reimagining how clinical research and health services reach the world.

How This Role Makes a Difference

We are seeking a pragmatic, business-oriented Counsel, Health Data & Privacy to join our Legal & Compliance team. This position will focus primarily on HIPAA and health data privacy advisory, negotiation of data protection and healthcare-related agreements, and support of global data protection compliance across our clinical research and operational activities.

The ideal candidate brings strong experience with HIPAA and U.S. federal and state privacy laws, meaningful experience with GDPR and other international data protection frameworks, and demonstrated capability negotiating data protection and healthcare-related agreements. This role requires both strategic and tactical involvement in health data governance, privacy compliance, and complex data contracting, as well as close collaboration with clinical, operational, procurement, and technology stakeholders.

The successful candidate will be a skilled writer and pragmatic advisor who communicates effectively across the organization, evaluates risk with sound judgment, develops risk-calibrated solutions that enable business objectives, and supports implementation in a fast-paced, evolving healthcare and research environment.

Key Responsibilities

• Health Data, AI & Global Privacy Governance: Provide strategic advisory on health data privacy compliance across clinical research and operational activities, including HIPAA, state privacy laws, GDPR, and emerging international data protection regulations. Support data governance frameworks and AI/machine learning privacy considerations.
• Data Protection Agreements: Lead negotiation and drafting of data protection agreements, business associate agreements (BAAs), data processing agreements (DPAs), and other healthcare-related contracts. Evaluate vendor compliance and manage risk exposure.
• Privacy Compliance Support: Advise on privacy impact assessments, data handling practices, breach response protocols, and compliance with multi-jurisdictional privacy requirements. Support implementation of privacy-by-design principles.
• Cross-Functional Collaboration: Work closely with clinical, technology, procurement, and operational teams to identify privacy risks, develop pragmatic solutions, and ensure compliance while enabling business objectives.
• Legal Documentation: Draft, review, and advise on policies, procedures, and communications related to health data privacy and regulatory compliance.

💰 Compensation not publicly listed. Market estimate for similar roles: from $80K, varying by experience and location.