HealthEquity
Associate General Counsel, Privacy & Security
HealthEquity, Draper, Utah, United States, 84020
Associate General Counsel, Privacy & Security
Job Locations: US-Remote
Overview Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.
We are seeking an experienced attorney with deep expertise in U.S. privacy law, cybersecurity, and emerging technologies. In this role, you will:
Advise on data protection strategies and regulatory requirements.
Guide breach response efforts and support the Privacy team in embedding privacy-by-design principles into business operations.
Strengthen governance frameworks for data and AI risk management.
You will shape legal strategy as we develop new products, capabilities, and AI applications across the enterprise. Acting as a trusted advisor during cyber events and escalated security investigations, you will ensure compliance with all applicable laws governing personal and confidential data. As part of a collaborative team, you will deliver practical, business-oriented legal guidance aligned with privacy, cybersecurity, and data protection best practices. You will partner with business leaders to anticipate needs, craft agile governance frameworks, and align risk management with innovation priorities—addressing unique legal issues at the intersection of employee benefits, healthcare, and financial services.
What you'll be doing
Advise on complex U.S. privacy and data protection laws (GLBA, HIPAA, CCPA/CPRA, etc.) across business functions.
Lead legal reviews of products and features to integrate privacy-by-design principles throughout development lifecycles.
Draft, review, and negotiate agreements related to privacy, data protection, and data use.
Assess legal risk in AI initiatives, participate in AI governance, and recommend safeguards for compliance.
Contribute to enterprise policies and frameworks for security, privacy, and AI aligned with company values.
Monitor regulatory developments impacting privacy, data use, and AI.
Identify privacy and data protection risks and advise leadership on mitigation strategies.
Provide counsel on incident management, remediation, and regulatory inquiries at state, federal, and international levels.
Translate emerging privacy, cybersecurity, and data protection laws into actionable guidance.
Support development and maintenance of policies for privacy, cybersecurity, AI, and data protection.
Partner with privacy, security, and engineering teams to align legal obligations with operational practices.
Interpret and apply agency rules, legislation, and industry best practices to AI use cases.
What you will need to be successful
J.D. from an ABA-accredited law school; active license in at least one U.S. jurisdiction.
10+ years of experience advising on privacy and data protection in a top law firm or in‑house.
Deep expertise in HIPAA, GLBA, and state privacy laws (CCPA/CPRA).
Proven experience advising senior leadership, including C‑suite and boards, on privacy, security, and risk management.
Strong background in privacy risk assessments, incident response, and policy development.
Experience in banking/finance and healthcare industries.
Exceptional executive communication and advisory skills.
Ability to synthesize complex legal issues into practical risk‑management advice.
Knowledge of AI, large language models (LLMs), machine learning, generative AI, and emerging AI risk frameworks (e.g., NIST AI RMF).
Familiarity with evolving federal and state AI regulations and ethical principles.
Strategic insight to shape governance structures for emerging technology and data‑related risks.
Capacity to quickly understand complex business models and align legal requirements with innovation strategies.
#LI-Remote This is a remote position.
Salary Range $203,000.00 To $268,500.00 / year
Benefits & Perks The actual compensation offer is determined based on job‑related knowledge, education, skills, experience, and work location. This position will be eligible for performance‑based incentives as part of the total compensation package, in addition to a full range of benefits including:
Medical, dental, and vision
HSA contribution and match
Dependent care FSA match
Uncapped paid time off
Paid parental leave
401(k) match
Personal and healthcare financial literacy programs
Ongoing education & tuition assistance
Gym and fitness reimbursement
Wellness program incentives
Why work with HealthEquity HealthEquity has a vision that by2030 we will make HSAs as wide‑spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.
You belong at HealthEquity!
HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity – you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug‑free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug‑free‑workplace, background check, and E‑Verify policies, please visit our Careers page.
HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.
#J-18808-Ljbffr
Overview Our mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.
We are seeking an experienced attorney with deep expertise in U.S. privacy law, cybersecurity, and emerging technologies. In this role, you will:
Advise on data protection strategies and regulatory requirements.
Guide breach response efforts and support the Privacy team in embedding privacy-by-design principles into business operations.
Strengthen governance frameworks for data and AI risk management.
You will shape legal strategy as we develop new products, capabilities, and AI applications across the enterprise. Acting as a trusted advisor during cyber events and escalated security investigations, you will ensure compliance with all applicable laws governing personal and confidential data. As part of a collaborative team, you will deliver practical, business-oriented legal guidance aligned with privacy, cybersecurity, and data protection best practices. You will partner with business leaders to anticipate needs, craft agile governance frameworks, and align risk management with innovation priorities—addressing unique legal issues at the intersection of employee benefits, healthcare, and financial services.
What you'll be doing
Advise on complex U.S. privacy and data protection laws (GLBA, HIPAA, CCPA/CPRA, etc.) across business functions.
Lead legal reviews of products and features to integrate privacy-by-design principles throughout development lifecycles.
Draft, review, and negotiate agreements related to privacy, data protection, and data use.
Assess legal risk in AI initiatives, participate in AI governance, and recommend safeguards for compliance.
Contribute to enterprise policies and frameworks for security, privacy, and AI aligned with company values.
Monitor regulatory developments impacting privacy, data use, and AI.
Identify privacy and data protection risks and advise leadership on mitigation strategies.
Provide counsel on incident management, remediation, and regulatory inquiries at state, federal, and international levels.
Translate emerging privacy, cybersecurity, and data protection laws into actionable guidance.
Support development and maintenance of policies for privacy, cybersecurity, AI, and data protection.
Partner with privacy, security, and engineering teams to align legal obligations with operational practices.
Interpret and apply agency rules, legislation, and industry best practices to AI use cases.
What you will need to be successful
J.D. from an ABA-accredited law school; active license in at least one U.S. jurisdiction.
10+ years of experience advising on privacy and data protection in a top law firm or in‑house.
Deep expertise in HIPAA, GLBA, and state privacy laws (CCPA/CPRA).
Proven experience advising senior leadership, including C‑suite and boards, on privacy, security, and risk management.
Strong background in privacy risk assessments, incident response, and policy development.
Experience in banking/finance and healthcare industries.
Exceptional executive communication and advisory skills.
Ability to synthesize complex legal issues into practical risk‑management advice.
Knowledge of AI, large language models (LLMs), machine learning, generative AI, and emerging AI risk frameworks (e.g., NIST AI RMF).
Familiarity with evolving federal and state AI regulations and ethical principles.
Strategic insight to shape governance structures for emerging technology and data‑related risks.
Capacity to quickly understand complex business models and align legal requirements with innovation strategies.
#LI-Remote This is a remote position.
Salary Range $203,000.00 To $268,500.00 / year
Benefits & Perks The actual compensation offer is determined based on job‑related knowledge, education, skills, experience, and work location. This position will be eligible for performance‑based incentives as part of the total compensation package, in addition to a full range of benefits including:
Medical, dental, and vision
HSA contribution and match
Dependent care FSA match
Uncapped paid time off
Paid parental leave
401(k) match
Personal and healthcare financial literacy programs
Ongoing education & tuition assistance
Gym and fitness reimbursement
Wellness program incentives
Why work with HealthEquity HealthEquity has a vision that by2030 we will make HSAs as wide‑spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.
You belong at HealthEquity!
HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity – you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug‑free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug‑free‑workplace, background check, and E‑Verify policies, please visit our Careers page.
HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.
#J-18808-Ljbffr