fullscript - Compliance Lead
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 7+ years of dedicated, hands-on privacy experience, specifically in roles requiring deep cross-collaboration. • Proven track record of working closely with Product and Engineering teams to embed data protection and privacy guardrails directly into features, technical solutions, and product designs. • Must have direct experience working within the US healthcare industry (HIPAA). • Proven, direct experience working within OneTrust. • Deep understanding of US and Canadian privacy landscapes, with the ability to confidently navigate and apply requirements. • Experience and strong foundational knowledge regarding the privacy implications of AI. • Exceptional ability to build relationships across a business and communicate compliance requirements clearly and simply. • A pragmatic, solution-oriented Individual Contributor who thrives on autonomy and fast business growth.
Responsibilities
• Product Governance and Growth Support • Partner with Product and Engineering on new features, architecture, and user flows to ensure privacy-by-design is integrated before launch, not retrofitted after. • Lead privacy review of AI features and AI vendors, including model training restrictions, PHI usage controls, transparency disclosures, and pre-launch governance checkpoints. • Support clinical research, outcomes tracking, and de-identification workflows so that secondary uses of data are governed under documented standards. • Triage and respond to fast-moving product and commercial requests with calibrated, written guidance. • Own day-to-day execution of core privacy operations alongside the Senior Director of Compliance, with the ability to operate independently on assigned workstreams. • Operate Fullscript’s OneTrust environment for vendor reviews, data mapping, PIAs, consumer rights requests, and reporting, including configuration of new workflows as the program scales. • Lead privacy incident response activities, including intake, triage, coordination with cross-functional stakeholders, documentation, and tracking remediation efforts through resolution. • Business Enablement and Compliance Monitoring • Build trusted working relationships with stakeholders across the business so that privacy is engaged early on new initiatives rather than at the end. • Translate HIPAA, PIPEDA, Quebec Law 25, CPRA, and other applicable US state privacy laws into plain-language guidance, playbooks, and training materials the business can use without further interpretation. • Maintain ongoing monitoring of Fullscript’s privacy posture, surface emerging risk areas to the Senior Director of Compliance.
Benefits
• Great work happens when people feel supported, trusted, and inspired. At Fullscript, we stay curious and keep finding smarter ways to make care better. We grow together, take on new challenges, and focus on impact. We put people first, work as a team, and leave egos at the door. • We’re grateful for the interest in joining Fullscript. To make sure your application reaches our hiring team, please apply directly through our careers page. • A quick note: Due to the high volume of applications, we’re not able to respond to phone or email inquiries about application status. If there’s a match, our team will reach out directly.
No credit card. Takes 10 seconds.