Director, Healthcare and Privacy Law
About Us
Kardigan is a heart health company working to make cardiovascular disease preventable, curable and no longer the leading cause of death in the world. It is our mission to develop multiple targeted treatments in parallel that bring people with cardiovascular diseases to the cures they deserve.
At Kardigan, we are motivated by our values which guide how we work, interact, and achieve our goals. Driven by patients and their families, we are deeply committed to improving the lives of patients and prioritizing their needs above all else. We believe in being authentic—leading with truth to bring out the best in others by creating an environment where every person knows they will be fully accepted. With an eagerness to learn, we encourage the highest levels of curiosity and are open to changing our minds. We are committed to winning as a team with urgency, excellence, and intention, and support each other no matter what role we play or where we sit. Lastly, we strive to enable the impossible because patients are counting on us. We are not afraid to take risks to unlock innovation and advance scientific discoveries.
These values are the foundation of our work, empowering us to make a real difference, every day.
Position Title: Director, Healthcare and Privacy Law
Department: Legal
Reports To: Vice President, Corporate Law
Job Overview
Kardigan is seeking an experienced Director, Healthcare and Privacy Law. This will be a strategic legal role responsible for providing comprehensive legal guidance on healthcare regulations, privacy and data protection compliance, and contract management. This person will serve as a key legal advisor across these three distinct areas of the law to support business leaders navigate complex regulatory landscapes while supporting the company to meet its business objectives. This position will be reporting to our Vice President, Corporate Law.
Essential Duties and Responsibilities
Healthcare Compliance
- Provide legal guidance on compliance with healthcare regulations including Medicare/Medicaid requirements and other healthcare regulatory laws, including Anti-Kickback Statute, Stark Law, Sunshine Act, comparable state fraud and abuse laws, and other state healthcare laws, including corporate practice of medicine and fee splitting prohibitions.
- Advise on healthcare compliance matters related to pharmaceuticals, medical devices, physician practices/remote patient monitoring, and other digital health products as applicable.
- Provide legal guidance on patient rights, informed consent, and medical ethics issues.
- Support healthcare transactions and business arrangements with regulatory analysis as applicable.
- Monitor and analyze emerging healthcare legislation and regulatory changes.
- Develop and implement healthcare compliance policies and procedures.
- Support or participate in compliance healthcare compliance committees and oversee compliance auditing and monitoring.
- Interact with local counsel in foreign jurisdiction to ensure compliance with local healthcare laws.
Privacy & Data Protection
- Lead privacy compliance across the organization, including HIPAA, GDPR, CCPA/CPRA and other applicable US and foreign privacy laws.
- Advise on privacy and data protection requirements, including, as applicable for cross border transfers, clinical operations, new products and services.
- Review and approve data collection, storage, and processing activities, privacy impact assessments, and data protection agreements.
- Manage privacy incident response and breach notification processes.
- Collaborate with IT and security teams on data protection measures.
Contract Management
- Draft, review and negotiate agreements, including data sharing and transfer agreements, master services agreements, consulting agreements, and other commercial agreements.
- Develop and maintain contract templates and playbooks.
- Provide strategic guidance on contract terms and risk allocation.
Qualifications
- JD degree from an accredited law school with admission to practice law.
- A minimum of 7 years of legal experience with a mix of law firm and in-house experience at pharmaceutical, biotechnology, or medical device companies.
- Expertise in healthcare regulations and data/privacy laws for pharmaceuticals, devices, and digital health products.
- Experience with FDA regulations and regulatory framework in foreign jurisdictions.
- Strong understanding of HIPAA, GDPR, and other privacy frameworks.
- Excellent contract drafting, review and negotiation skills.
- Excellent problem-solving capabilities.
- Strong organizational and planning skills, ability to manage changing priorities and workflow, and the ability to effectively advance multiple simultaneous projects.
- Strong interpersonal and written and verbal communication skills, with an ability to communicate and collaborate with individuals at all levels inside and outside of the organization in a positive and effective manner.
- Ability to operate in a fast-paced, rapidly growing workplace, with a keen interest in providing a consistently high level of service.
- Able to work independently while exercising initiative and good judgment.
- Motivated and enthusiastic.
- Assist and support with any special projects and initiatives.
- Perform other duties as directed by the manager.
Apply for this job
*
indicates a required field