Website everly_well Everlywell

Everlywell makes lab testing easy and convenient with at-home collection and digital results in days.

Everlywell is a consumer-initiated at-home laboratory testing company with easy-to-read and actionable results. We are at the forefront of personalized health, transforming the $25B lab testing industry. Everlywell is growing rapidly and we are looking for exceptional talent to join our team. We move at a fast pace to solve problems quickly so that our customers have a rewarding experience. If this sounds like your type of environment, we are eager to speak to you! 
We’re looking for a hard-working, self-starter to serve as our Data Protection Programs Manager who is passionate about privacy, data security, and emerging technology. You will work on meaningful and mission-critical privacy and data protection projects to protect data and to ensure organizational compliance with laws and regulations. You will have responsibility for ensuring that Everly Health’s data governance practices are robust and are consistent with best practices. This role will report to the Director of Compliance and will work with cross-functional stakeholders in the organization, including members of the product, engineering, legal, security, and operations teams.

What You’ll Do:

    • Provide oversight and guidance on privacy-related initiatives, and serve as an internal subject matter expert on privacy laws and regulations including HIPAA, CCPA, and GDPR.
    • Support security efforts including SOC2 and HITRUST certifications in collaboration with cross-functional stakeholders
    • Oversee the review, revision and approval of Everly Health privacy and security policies and procedures
    • Deliver training, awareness and business consultations
    • Create/maintain records of compliance (ie: accounting of disclosure)
    • Build and maintain data inventory / data flows
    • Manage the execution of assessment activities (ie:  HIPAA Risk Assessments)

Who You Are:

    • Bachelor’s degree required
    • Minimum five (5) years direct HIPAA HITRUST Privacy/Security experience, five (5) years of relevant, privacy, compliance or other relevant experience preferably in health care, medical device but other experience in non-health care fields will be considered.
    • Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Compliance (CHC), Certified HIPAA Professional (CHP) or equivalent professional certification is preferred
    • The successful candidate will be able to effectively partner with business areas in the development of operational solutions and strategies.
    • Highly-developed problem-solving, analytical and prioritization skills.
    • Highly effective written, oral and interpersonal communication skills to address a wide variety of sophisticated audiences.
    • Demonstrate professionalism, discretion and judgment through sound decision-making to obtain solutions through collaborative efforts with a wide-variety of offices and departments
    • Thorough understanding of state and federal statutes, laws and regulations, industry standards, trends and/or regulatory requirements in the expertise subject area.
    • Demonstrated critical thinking skills and ability to implement strategic policy recommendations.
    • Works well in a complex and evolving environment; remains adaptable to meet the needs of the organization.
    • Demonstrated project management skills including determining project scope, creating and managing project plans, facilitating effective team meetings, and completing projects required.
You’ll Love Working Here:
· Venture backed by top-tier firms
· The opportunity ahead knows no bounds
· Open vacation policy
· Employee discounts
· Paid parental leave
· Health benefits
· 401(k)

To apply for this job please visit jobs.lever.co.