Associate General Counsel, US Data Protection, Privacy, and Security

Job Description

Job Description

Our mission : to eliminate every barrier to mental health.

At Spring Health, we're on a mission to revolutionize mental healthcare by removing every barrier that prevents people from getting the help they need, when they need it.

Our clinically validated technology, Precision Mental Healthcare , empowers us to deliver the right care at the right time whether it's therapy, coaching, medication, or beyond tailored to each individual's needs.

We proudly partner with over 450 companies, from startups to multinational Fortune 500 corporations, as a leading provider of mental health service, providing care for 10 million people.

Our clients include brands you use and know like Microsoft, Target, J.P. Morgan Chase, and Delta Airlines, all of whom trust us to deliver best-in-class outcomes for their employees globally.

With our innovative platform, we've been able to generate a net positive ROI for employers and we are the only company in our category to earn external validation of net savings for customers.

We have raised capital from prominent investors including Generation Investment, Kinnevik, Tiger Global, William K Warren Foundation, Northzone, RRE Ventures, and many more.

Thanks to their partnership and our latest Series E Funding, our current valuation has reached $3.3 billion. We're just getting started join us on our journey to make mental healthcare accessible to everyone, everywhere.

The AGC for US Data Protection, Privacy and Security is an essential member of the legal and corporate compliance team, responsible for ensuring our company's compliance with US privacy laws and regulations.

You will be responsible for providing legal advice and guidance to stakeholder teams across the enterprise, developing and implementing privacy policies and procedures, conducting privacy impact assessments, and collaborating with cross-functional teams to integrate privacy and data protection considerations into our products and services.

This position reports directly to the company's Data Protection Officer and Head of Privacy. The successful candidate must be agile, with a demonstrated ability to pivot and manage a workload.

This is a remote position.

What you'll be doing :

• Serve as subject matter expert and lead on HIPAA compliance efforts.
• Advise on compliance with US privacy laws, including HIPAA, CCPA / CPRA, Washington's MHMDA (My Health My Data Act), and other state privacy laws, with a focus on health data and sensitive personal information.
• Provide legal support for all aspects of the company's data privacy and security programs.
• Partner with product, engineering, marketing, and cybersecurity teams to ensure compliance with privacy laws and industry best practices, particularly around AdTech, data management, and data analytics.
• Play a key role in the company's response to data breaches and other security incidents, including managing breach notification and remediation efforts.
• Draft Privacy Related agreements including BAAs and Data Sharing Agreements.
• Stay up-to-date with evolving privacy laws and regulations, and provide guidance on their impact to the business.
• Coordinate with external counsel on privacy-related legal matters, including any regulatory inquiries, enforcement actions, and litigation.

What success looks like in this role :

• Identify and implement process improvements for the HIPAA compliance program, including policies and procedures, and training materials.
• Conduct a thorough risk assessment to identify potential privacy vulnerabilities and develop a mitigation plan.
• Review and Update existing privacy policies and procedures to ensure they are in line with current regulations and industry best practices.
• Launch and deliver HIPAA and privacy training programs for all employees.
• Ensure timely and accurate filing of regulatory reports and documentation related to HIPAA and privacy compliance.

What we expect from you :

• 7+ years of legal experience, preferably with a successful, high-growth company or startup in the health and wellbeing sector with 5+ years emphasis on privacy.
• In-depth knowledge of US data privacy regulations, including HIPAA, Washington's MHMDA (My Health My Data Act), and CCPA / CPRA.
• Working knowledge of worldwide data protection and AI regulations including the GDPR, and the EU AI Act as well as industry best practices (eg, NIST AI RMF, etc) preferred.
• Exceptionally strong business acumen and the ability to work effectively and efficiently on multiple projects in a fast paced, hyper growth environment, while being a critical (and often autonomous) go-to partner for fellow peers in the company and legal department.
• Strong sense of ownership and accountability over assigned projects and tasks.
• Experience scaling legal processes and policies.
• Candidates having relevant data privacy certifications (e.g. CISP, CIPP, CHPC, etc.) strongly preferred.

The target base salary range for this position is $212,800 - $266,000, and is part of a competitive total rewards package including stock options and benefits.

Individual pay may vary from the target range and is determined by a number of factors including experience, location, internal pay equity, and other relevant business considerations.

We review all employee pay and compensation programs annually at minimum to ensure competitive and fair pay.

Hypergrowth meets impact

What to expect working here :

• You will be held accountable to an exceptionally high bar and impact
• This may be the fastest work environment you will ever experience in terms of growth, decision-making, and time to impact
• You will be empowered to set your own boundaries and asked to adapt them in critical moments when the company needs you
• You will create processes & products that have never existed before
• You will have very direct conversations and receive continuous feedback to push you to become the most thriving team member and performer you can be
• Change is a constant here : your role, team, responsibilities, and success metrics will shift as the company grows
• You get to be surrounded by some of the brightest minds in the field
• You get to learn and grow at an extremely accelerated pace
• You will experience transparency, integrity, & humility from leadership
• You will be empowered to constantly challenge the status quo
• You get the space to experiment & innovate
• You get to make a transformational impact for the company, mental health, and for real human lives and you will see that impact quickly
• You will become more resourceful and resilient
• You get to be part of a winning team that opens doors in the future

Benefits provided by Spring Health :

Your Total Health :

Health, Dental, Vision benefits start on your first day at Spring Health. You and your dependents also receive an individual One Medical account which is valued at $199 / year per user.

HSA and FSA plans available

• A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents
• 10 allocated sick days per year
• Flexible paid time off in addition to 12 paid holidays throughout the year
• Access to Gympass , an on-demand virtual benefit that provides wellbeing coaching, and budget management.
• Spring Renewal : When you hit your four-year Springaversary, you'll be awarded a four week , fully paid , sabbatical leave to renew and recharge.

You And Your family :

• 4-4.5 months of fully paid parental leave
• Spring Health provides team members and their families with sponsored access to Bright Horizons® child care, back-up care, and elder care.
• Access to fertility care support through Carrot , in addition to $4,000 reimbursement for related fertility expenses

Supporting you financially through :

Our People team benchmarks all salaries using the Radford Global Compensation Database for technology and life sciences industries.

Radford benchmarks salaries with 3,589 global firms, 6.5 million employees, and 98 countries across the globe. We do this to ensure all of our team members are paid equally and competitively.

• On top of competitive and benchmarked salary, Spring Health offers incentive pay (based on role), and equity that begins vesting as we celebrate your first year with the company!
• Employer sponsored 401(k) match of up to 2% after 90 days of employment

Creating a culture you can thrive in :

• Flexible work arrangements : 66% of Spring Health team members work fully remote while 33% work in a hybrid model from our New York City offices
• Focus Fridays : no meetings, no distractions, just time for you to get work done.
• Focus Weeks : In Spring 2023, we held our first ever Focus Week, we canceled all non-essential meetings, minimized distractions, and you, our team members, to dive into the key work that gets chopped up or deprioritized during the regular day-to-day.

We saw a 36% jump in the average energized score after those five days of flow state work and are finalizing a plan for quarterly Focus Weeks for team members.

• Up to $1,000 Professional Development Reimbursement per calendar year.
• $200 per year donation matching to support your favorite causes

Don't meet every requirement? Studies have shown that women, communities of color and historically underrepresented talent are less likely to apply to jobs unless they meet every single qualification.

At Spring Health we are dedicated to building a diverse, inclusive and authentic workplace

To ensure intentional and equitable hiring practices, we use a balanced candidate slate in our interviews. This approach guarantees that our pool of qualified candidates includes individuals who are underrepresented in our organization at all levels.

This is a key performance indicator (KPI) for our recruiting and hiring teams, reported quarterly to maintain accountability.

Ready to do the most impactful work of your life? Learn more about our values, what it's like to work here, and how hypergrowth meets impact at Spring Health : Our Values

Our privacy policy : https : / / springhealth.com / privacy -policy /

Spring Health is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex, marital status, ancestry, disability, genetic information, veteran status, gender identity or expression, sexual orientation, pregnancy, or other applicable legally protected characteristic.

We also consider qualified applicants regardless of criminal histories, consistent with applicable legal requirements. Spring Health is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans.

If you have a disability or special need that requires accommodation, please let us know.