Explore Legal.io

For Legal Talent
Community
Connect with peers, in person and online
Jobs
The best legal jobs, updated daily
Salaries
Benchmark compensation for any legal role
For Employers
Legal.io company logo
Hire Talent
Find the best fit for any legal role
Spend & Panel Management
Manage law firms and benchmark rates
Advertise on Legal.io
Post a job for free
Reach more qualified applicants quickly
Advertise with Us
Reach a targeted audience
This job is expired. See open roles here
Company logo

Chief Counsel, Privacy and Data Strategy

Verily
$257,000 - $387,000 / year
Market Range: loading...
Posted Oct 31
Full TimeRemoteDallas, Texas

Who We Are

Verily is a subsidiary of Alphabet that is using a data-driven approach to change the way people manage their health and the way healthcare is delivered. Launched from Google X in 2015, our purpose is to bring the promise of precision health to everyone, every day. We are focused on generating and activating data from a variety of sources, including clinical, social, behavioral and the real world, to arrive at the best solutions for a person based on a comprehensive view of the evidence. Our unique expertise and capabilities in technology, data science and healthcare enable the entire healthcare ecosystem to drive better health outcomes.

Description

Reporting to the Chief Legal Officer, the Chief Counsel, Privacy and Data Strategy is responsible for providing legal, compliance, policy, and regulatory leadership and support on privacy, data protection, and cybersecurity matters for all Verily businesses, regions, and functions. The Chief Counsel will work closely with the Legal, Product, Compliance, Quality, Regulatory, IT, and Security to ensure compliance with all applicable data privacy laws and regulations globally.

A hybrid role with three days per week in-office; possible locations of the role are Dallas, Raleigh, South San Francisco, or Boston. Preference for Dallas.

Responsibilities

  • Provide specialist legal advice and subject-matter expertise required to support Verily’s leadership team and privacy program.
  • Provide specialist consultation and support to other key functions (Legal, Product, Security, Public Policy, Marketing/Communications, and Leadership).
  • Interface with senior business leaders to develop strategic plans for the collection, use, and sharing of personal data in a manner that maximizes its value while complying with applicable privacy laws and regulations.
  • Advise on compliance across all aspects of global privacy law and regulation, including data protection, data retention, data security, and data breach rules.
  • Maintain awareness of new laws, enforcement activity and other developments in the privacy domain, and drive discussion among key stakeholders across the company to continuously improve organizational privacy practices.
  • Serve as the primary Legal point of contact for Alphabet and Google privacy teams and facilitate alignment with respect to privacy matters,
  • Collaborate with development teams to ensure that new introductions or versions of products and services comply with applicable data privacy and security requirements (legal, contractual, or otherwise) and assist in the negotiation of data privacy and security provisions in related contracts/agreements.
  • Collaborate with cross-functional representatives to drive compliance with applicable privacy laws and regulations, contractual obligations, internal policies and procedures, and breach investigation, mitigation, and notification responsibilities.
  • Work in partnership with the Information Security team to ensure compliance with all applicable data security administrative, physical, and technical safeguards.
  • In collaboration with Compliance and Information Security teams, provide privacy, data protection, and cybersecurity compliance training and periodic best practices tips/reminders.
  • Assist with conducting periodic and as-needed business audits and risk assessments to assess data privacy and security compliance.
  • Work and cooperate with designated supervisory authorities on issues relating to the processing of personal data.
  • Work cross-functionally to resolve individual privacy, cybersecurity and ransomware compliance issues/questions and investigations, assessing causes, developing corrective actions, and ensuring consistent application of corrective actions.
  • In collaboration with Litigation and Investigations teams, assist in managing disputes, litigation, and incidents related to privacy, data protection, and cybersecurity.
  • Work cross-functionally within Legal and the business to assist with drafting, reviewing, and negotiating privacy-related provisions of proposed deals, relationships, and other issues requiring legal or compliance attention.
  • Direct and indirect people leadership experience; hiring and developing a global team.
  • Monitor advancements in privacy technologies like OneTrust to ensure organizational adaptation and compliance, as needed.
  • Assist the Information Security team with the development and implementation of a data categorization and management infrastructure.
  • Assure that the use of technologies maintain, and do not erode, privacy protections related to the use, collection, and disclosure of personal data.
  • Manage outside counsel as necessary.
  • Develop, implement, and train Company personnel on the Company's Incident Response Plan.
  • Mitigate effects of a data breach caused by employees or business partners by ensuring the implementation of a Data Breach Response Plan.
  • Administer action on all complaints concerning the organization's privacy policies and procedures in coordination and collaboration with the Investigation team and, when necessary, legal counsel.
  • Serve as breach counsel and cooperate with external breach counsel when responding to all investigative inquiries from law enforcement agencies, regulatory bodies, or data protection authorities related to a data breach.
  • Demonstrate a commitment to diversity, equity, and inclusion through continuous development, modeling inclusive behaviors, and proactively managing bias.
  • All other duties as assigned.

Qualifications

Minimum Qualifications:

  • J.D. with active bar membership.
  • 15+ years of attorney level experience at a law firm, corporate legal department, or equivalent compliance function, with significant experience in healthcare privacy matters.
  • Admitted to the bar and in good standing or otherwise authorized to practice law (e.g., have registered in-house status) in California.
  • Deep experience with global privacy laws and their practical application, including extensive experience with HIPAA, GDPR, and CCPA.
  • Deep experience advising legal team members and product teams on a wide range of substantive privacy topics, including specific expertise with privacy-by-design, user data protection, GDPR, CCPA, HIPAA Privacy Rules, and Privacy Shield.
  • Experience with building, implementing, and enhancing a global privacy program.
  • Ability to write clearly and prepare professional communications.
  • Excellent interpersonal and conflict resolution skills and ability to work in a highly collaborative, team-oriented environment.
  • High level of influencing skills and ability to drive change as it relates to implementing remedial actions.
  • Level-headed approach to risk.

Preferred Qualifications

  • Experience counseling and negotiating data protection terms in enterprise agreements, with experience negotiating requirements from U.S. and E.U. privacy frameworks.
  • Experience designing compliance programs, policies, and processes.
  • Flexibility and willingness to work on a broad range of legal matters. Demonstrated ability to complete several simultaneous projects on a deadline.
  • Exceptional interpersonal skills and a commitment to professionalism and collegiality.
  • Prior in-house experience.
  • At least one International Association of Privacy Professionals (IAPP) certification (CIPP/US, CIPP/E, etc.).
  • Knowledge of US and EU privacy laws related to the clinical research industry.
  • Experience with privacy issues relating to health insurance companies.

The US base salary range for this full-time position is $257,000 - $387,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Why Join Us

Build What’s Vital.

At Verily, you are a part of something bigger. We are a diverse team of builders innovating at the intersection of health and technology—united by a shared spirit of curiosity, resilience and determination to make better health possible for all. This builder mindset means your fingerprints will be on the work that shapes the future of health.

Fulfilling our precision health purpose starts with the health of our Veeps, which is why we offer flexibility, resources, and competitive benefits to support you in your whole-person well being.

Our culture reflects the behaviors that stem from living our values every day in how we Innovate Healthcare and Technology, Gain Velocity as One Verily, and Respect Individuals. As One Verily, we uphold our collective accountability to sustain this culture and to create a VIBE (Verily’s Culture of Inclusion, Belonging, and Equitability) where all Veeps feel included, a sense of belonging, and have opportunities to grow.

If this sounds exciting to you, we would love to hear from you.

You can find out more about our company culture on our LinkedIn Company Page and Verily Careers page.

Similar Opportunities