Corporate & Regulatory Counsel- Privacy
About the role
Wellfleet, a Berkshire Hathaway company, seeks an experienced Corporate & Regulatory Counsel to support the Wellfleet legal team. The ideal candidate will serve as a key legal advisor on state and federal privacy compliance matters across the organization, with a particular focus on healthcare data, regulatory compliance, operational implementation and incident response.
Responsibilities
- Serve as subject matter expert and primary legal counsel on privacy compliance matters across the organization
- Advises on compliance with HIPAA, HITECH, FERPA, GLBA, CCPA/CPRA and related state and federal healthcare privacy requirements
- Advise on data incident and breach response, including risk assessments, regulatory notifications, remediation strategies, and coordination with internal and external stakeholders
- Support and refine privacy governance frameworks, including policies, procedures, training programs and audits
- Partner with Compliance, Audit, Information Security, IT, Operations, Product and Vendor Management teams to translate legal requirements into practical, operationally workable solutions
- Monitor regulatory developments and enforcement trends affecting health care privacy and insurance data
- Aid in privacy-related inquiries from regulators, customers, partners, and internal stakeholders
- Assess privacy issues for new products, processes and technologies, and support cross-functional teams with mitigation strategies
- Support data mapping, classification, management and governance activities across the organization
- Support other enterprise-wide privacy matters as assigned by the Wellfleet CLO or MedPro Group General Counsel
- Exercise strong business acumen and analyze legal issues from the business perspective
- Work closely with cross-functional team members and business leaders to review legal issues and implications of potential business decisions and initiatives
- Work closely with business leaders and the Procurement team on a broad range of commercial agreements across all lines of business and corporate areas, including vendor and TPA contracts, service agreements, technology contracts and other deals and complex transactions
- Provide contract-related training, peer review and coaching to colleagues as needed
- Establish and improve contract processes, templates and playbooks to enhance efficiency, compliance and scalability
- Actively exemplify personal integrity, uphold the highest standards of professionalism, and consistently demonstrate ethical conduct
- Manage tasks and assignments efficiently and effectively to meet deadlines with high urgency
- Establish and maintain a supportive learning environment by ensuring continuous development, training, and growth
- Coach and mentor team members by identifying areas of improvement by providing timely and constructive feedback
- Give direction to support team members and drive success
Requirements
- J.D. from an accredited law school and admitted to practice law and in good standing with at least one state bar
- Privacy certification such as CIPP is strongly preferred
- 5+ years of relevant legal experience with significant focus on privacy compliance, preferably within an in-house legal/compliance department
- Demonstrate a strong understanding of applicable insurance laws and regulations, including HIPAA/HITECH, FERPA, GLBA, and CCPA/CPRA
- Demonstrated expertise on data incident and breach response
- Experience working closely with Information Security or Technology teams
- Demonstrated experience reviewing and negotiating privacy provisions in commercial agreements
- Experience working on cross-functional teams and tackling a broad range of issues in a fast paced and rapidly scaling environment
- Excellent legal research skills and proven ability to articulate and quickly deliver information to business stakeholders
- Capable of efficiently managing multiple tasks and competing priorities in a fast-paced environment
- Excellent organizational skills, including thorough and complete follow-up to all time sensitive items
- Strong verbal, written communication, presentation and negotiation skills
- Outstanding attention to detail with the ability to understand complex problems, identify root causes and effectively problem-solve
- Demonstrate a high level of personal integrity, professionalism, intellectual curiosity, and a readiness to develop further
- Ability to motivate team members and provide direction to drive success
- Work effectively both independently and as part of a team
Qualifications
- Strong background in privacy law, particularly in healthcare and insurance contexts
- Experience in advising on and implementing privacy policies and procedures
- Knowledge of relevant regulatory frameworks and their impact on business operations
- Experience in drafting and negotiating contracts involving privacy and data protection
- Ability to work collaboratively with cross-functional teams
- Effective communication and interpersonal skills
Skills
- Excellent legal research and writing skills
- Strong analytical and problem-solving abilities
- Ability to prioritize and manage multiple tasks simultaneously
- Strong attention to detail and organizational skills
- Effective communication and negotiation skills
- Ability to work independently and as part of a team
Benefits
Wellfleet offers a competitive compensation package and comprehensive benefits package including medical, vision and dental insurance options, life and accident insurance, 401(k), and short-term and long-term disability insurance. For a more detailed overview, visit our careers website at: wellfleetinsurance.com/about/careers.
Pay
The annual gross base salary range is $125,000 to $175,000. This range anticipates the low and high end of the salary for this position. Actual salaries will vary and are based on factors such as a candidate's qualifications, skills and competencies.
Schedule
Full-time position.