Home › Companies › Bask Health 1 › Head of Compliance (HIPAA) and Security
Head of Compliance (HIPAA) and Security
Bask Health 1 · New York, United States (Remote) · Remote · Deleted · Workable
Job facts
| Field | Value |
|---|---|
| Company | Bask Health 1 |
| Title | Head of Compliance (HIPAA) and Security |
| Normalized title | - |
| Department / team | Other |
| Location | New York, United States |
| Work model | Remote / Remote |
| Employment type | Full Time |
| Salary | - |
| Status | deleted |
| ATS provider | Workable |
| Posted / first seen | 2026-04-13 / 2026-05-31 |
| Changed / last seen | 2026-06-17 / 2026-06-15 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Bask Health 1. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Workable. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in New York. | Open |
| Department jobs | Active postings in Other. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Bask Health 1 |
| Source | 3d485143-963f-466f-9f00-54fd6f0feaf4 |
| ATS provider | Workable |
Description
Description
At Bask Health, every role is AI first. Work starts in an LLM to clarify intent and context, moves into the right tools to explore and execute, is tested with real users and stakeholders, and is continuously refined as we learn. AI and self serve research are default parts of how we work, not side experiments.
We are looking for people who take full ownership of their work, treat AI as a real collaborator, and care deeply about building a company that meaningfully improves how healthcare is delivered.
What You'll Do
Work AI first: Use LLMs as your starting point — to clarify thinking, draft output, research problems, and move faster. Apply your own judgment to refine quality and make it count.
Validate and iterate: Test your work with real users and stakeholders. Use what you learn to improve before problems become patterns.
Share AI native workflows: Document prompts, processes, and workflows that work. Share them across your team so we raise the bar together.
Key Responsibilities
Reporting to the General Counsel this position provides strategic and operational legal support across legal issues in cybersecurity, data privacy, artificial intelligence, and data governance.
Develop, implement, and maintain the organization's comprehensive data governance and security, privacy and compliance frameworks and policies.
Serve as the Privacy Officer and primary legal and operational authority on HIPAA, including Privacy Rule and Security Rule requirements
Ensure adherence to global, federal, state and emerging privacy laws (GDPR, CPRA, etc.), as applicable
Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations
Lead internal audits, risk assessments, and incident response planning
Manage relationships with outside counsel, regulators, and third party vendors on compliance matters
Educate staff on data handling, privacy practices, and security threats. Organize and oOversee employee training programs on data privacy, security protocols, and HIPAA obligations
Monitor evolving federal and state data privacy legislation and assess organizational impact
Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs)
Represent the organization in regulatory investigations or breach notification proceedings, remediation efforts, and regulatory notifications.
Requirements
J.D. from an accredited law school and active bar membership required in NY
4 to 6 years of experience in health law, data privacy, or cybersecurity law
Deep expertise in HIPAA/HITECH, state privacy laws, and corporate data security standards
Experience advising on or litigating data breach, privacy, or regulatory enforcement matters
Familiarity with NIST, SOC 2, ISO 27001, or similar security frameworks
Strong understanding of emerging technologies, cloud infrastructure, AI, and their legal implications
Bonus Qualifications
IAPP Certified Information Privacy Professional designation (CIPP) or similar
Certified HIPAA Professional (CHP) or equivalent
Full job record
| Job ID | 5e421836b293e4d62995b115c5088711b3d7151f |
| Org ID | ee69fed5-d852-45af-9fff-b4124e243b10 |
| Source ID | 3d485143-963f-466f-9f00-54fd6f0feaf4 |
| Board ID | 3d485143-963f-466f-9f00-54fd6f0feaf4 |
| Provider | workable |
| Provider Job Key | FC35DA8BD7 |
| Title | Head of Compliance (HIPAA) and Security |
| Normalized Title | — |
| Status | deleted |
| Active | no |
| Location Text | New York, United States (Remote) |
| Department | Other |
| Team | — |
| Employment Type | full_time |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | United States |
| Region | — |
| City | New York |
| Salary Raw | Description At Bask Health, every role is AI first. Work starts in an LLM to clarify intent and context, moves into the right tools to explore and execute, is tested with real users and stakeholders, and is continuously refined as we learn. AI and self serve research are default parts of how we work, not side experiments. We are looking for people who take full ownership of their work, treat AI as a real collaborator, and care deeply about building a company that meaningfully improves how healthcare is delivered. What You'll Do Work AI first: Use LLMs as your starting point — to clarify thinking, draft output, research problems, and move faster. Apply your own judgment to refine quality and make it count. Validate and iterate: Test your work with real users and stakeholders. Use what you learn to improve before problems become patterns. Share AI native workflows: Document prompts, processes, and workflows that work. Share them across your team so we raise the bar together. Key Responsibilities Reporting to the General Counsel this position provides strategic and operational legal support across legal issues in cybersecurity, data privacy, artificial intelligence, and data governance. Develop, implement, and maintain the organization's comprehensive data governance and security, privacy and compliance frameworks and policies. Serve as the Privacy Officer and primary legal and operational authority on HIPAA, including Privacy Rule and Security Rule requirements Ensure adherence to global, federal, state and emerging privacy laws (GDPR, CPRA, etc.), as applicable Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations Lead internal audits, risk assessments, and incident response planning Manage relationships with outside counsel, regulators, and third party vendors on compliance matters Educate staff on data handling, privacy practices, and security threats. Organize and oOversee employee training programs on data privacy, security protocols, and HIPAA obligations Monitor evolving federal and state data privacy legislation and assess organizational impact Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs) Represent the organization in regulatory investigations or breach notification proceedings, remediation efforts, and regulatory notifications. Requirements J.D. from an accredited law school and active bar membership required in NY 4 to 6 years of experience in health law, data privacy, or cybersecurity law Deep expertise in HIPAA/HITECH, state privacy laws, and corporate data security standards Experience advising on or litigating data breach, privacy, or regulatory enforcement matters Familiarity with NIST, SOC 2, ISO 27001, or similar security frameworks Strong understanding of emerging technologies, cloud infrastructure, AI, and their legal implications Bonus Qualifications IAPP Certified Information Privacy Professional designation (CIPP) or similar Certified HIPAA Professional (CHP) or equivalent |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://apply.workable.com/bask-health-1/jobs/view/FC35DA8BD7 |
| Apply URL | https://apply.workable.com/bask-health-1/j/FC35DA8BD7/apply |
| First Seen At | 2026-05-31 17:47:27Z |
| Last Seen At | 2026-06-15 11:42:54Z |
| Last Checked At | 2026-06-17 10:51:48Z |
| Last Changed At | 2026-06-17 10:51:48Z |
| Inactive At | 2026-06-17 10:51:48Z |
| Source Posted At | 2026-04-13 00:00:00Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=workable/board=bask-health-1/date=2026-06-15/2026-06-15T11-42-53-806Z-0ce0b5d06e5e0474a15dbf5f28c673b43cd9196e73aec92215c5eec85cf121c3.json |
Event Fields
{
"content_hash": "f3991967552f71bd36bf4f721a66cb7eba0be1f8f58bbb2ffcfef1c050b29768",
"source_hash": "ede6a3fafc1188caae12b5943bc14909cc1403254d2001891e0933c3365132ea",
"last_changed_at": "2026-06-17T10:51:48.523Z",
"active_status": "deleted"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "New York, United States (Remote)",
"city": "New York",
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.95
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-15T11:42:54.860Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "New York, United States (Remote)",
"city": "New York",
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.95
},
"countries": [
"United States"
]
},
"remote_policy": "remote",
"salary_period": null,
"workplace_type": "remote",
"salary_currency": null
}Extensions
{}Native Structured
{
"detail": {
"type": "Full-time",
"title": "Head of Compliance (HIPAA) and Security",
"posted": "2026-04-13",
"company": "Bask Health",
"applyUrl": "https://apply.workable.com/bask-health-1/j/FC35DA8BD7/apply",
"location": "New York, United States (Remote)",
"workplace": "remote",
"department": null,
"descriptionText": "Description\n\nAt Bask Health, every role is AI first. Work starts in an LLM to clarify intent and context, moves into the right tools to explore and execute, is tested with real users and stakeholders, and is continuously refined as we learn. AI and self serve research are default parts of how we work, not side experiments. \nWe are looking for people who take full ownership of their work, treat AI as a real collaborator, and care deeply about building a company that meaningfully improves how healthcare is delivered. \n What You'll Do \n\n Work AI first: Use LLMs as your starting point — to clarify thinking, draft output, research problems, and move faster. Apply your own judgment to refine quality and make it count.\n\n Validate and iterate: Test your work with real users and stakeholders. Use what you learn to improve before problems become patterns.\n\n Share AI native workflows: Document prompts, processes, and workflows that work. Share them across your team so we raise the bar together. \n \nKey Responsibilities\n\n Reporting to the General Counsel this position provides strategic and operational legal support across legal issues in cybersecurity, data privacy, artificial intelligence, and data governance.\n Develop, implement, and maintain the organization's comprehensive data governance and security, privacy and compliance frameworks and policies. \n Serve as the Privacy Officer and primary legal and operational authority on HIPAA, including Privacy Rule and Security Rule requirements\n Ensure adherence to global, federal, state and emerging privacy laws (GDPR, CPRA, etc.), as applicable\n Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations\n Lead internal audits, risk assessments, and incident response planning\n Manage relationships with outside counsel, regulators, and third party vendors on compliance matters\n Educate staff on data handling, privacy practices, and security threats. Organize and oOversee employee training programs on data privacy, security protocols, and HIPAA obligations\n Monitor evolving federal and state data privacy legislation and assess organizational impact\n Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs)\n Represent the organization in regulatory investigations or breach notification proceedings, remediation efforts, and regulatory notifications.\n\n Requirements\n\n J.D. from an accredited law school and active bar membership required in NY\n\n 4 to 6 years of experience in health law, data privacy, or cybersecurity law\n Deep expertise in HIPAA/HITECH, state privacy laws, and corporate data security standards\n Experience advising on or litigating data breach, privacy, or regulatory enforcement matters\n Familiarity with NIST, SOC 2, ISO 27001, or similar security frameworks\n Strong understanding of emerging technologies, cloud infrastructure, AI, and their legal implications \n \n \n\n Bonus Qualifications\n\n IAPP Certified Information Privacy Professional designation (CIPP) or similar\n Certified HIPAA Professional (CHP) or equivalent"
},
"list_job": {
"id": "FC35DA8BD7",
"type": "Full-time",
"title": "Head of Compliance (HIPAA) and Security",
"posted": "2026-04-13",
"salary": null,
"location": "New York, United States (Remote)",
"detailUrl": "https://apply.workable.com/bask-health-1/jobs/view/FC35DA8BD7.md",
"department": "Other"
},
"detail_meta": {
"url": "https://apply.workable.com/bask-health-1/jobs/view/FC35DA8BD7.md",
"http_status": 200,
"content_type": "text/markdown; charset=utf-8",
"response_bytes": 3498
},
"detail_errors": []
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/5e421836b293e4d62995b115c5088711b3d7151f?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/ee69fed5-d852-45af-9fff-b4124e243b10JSONGET https://api.bluedoor.sh/job-postings/v1/sources/3d485143-963f-466f-9f00-54fd6f0feaf4JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/5e421836b293e4d62995b115c5088711b3d7151f/eventsJSON