Privacy Manager

Lyra Health

Lyra Health

United States
Posted on Thursday, July 11, 2024
About Lyra Health
Lyra is transforming mental health care through technology with a human touch to help people feel emotionally healthy at work and at home. We work with industry leaders, such as Morgan Stanley, Uber, Amgen, and other Fortune 500 companies, to improve access to effective, high-quality mental health care for their employees and their families. With our innovative digital care platform and global provider network, 10 million people can receive the best care and feel better, faster. Founded by David Ebersman, former CFO of Facebook and Genentech, Lyra has raised more than $900 million.
About the Role
You will be a critical member of Lyra’s growing legal team, within its privacy division, supporting internal stakeholders in fulfilling Lyra’s mission to bring mental and emotional health solutions to large employers across the country. This is a full-time role that can be located in our SF Bay Area headquarters (Burlingame, California) or remote and will report to Lyra’s Associate General Counsel, Privacy and Records (AGC). Under the direction of the AGC, you will play an integral role in the operational implementation of Lyra’s privacy program. You will work independently to provide the business with appropriate tools to ensure compliance with both emerging state privacy law (CPRA, CPA, etc.) as well as federal and international privacy law (HIPAA, GDPR, COPPA, TCPA, CAN-SPAM, Part 2, TCPA, etc.). The Privacy Manager will collaborate with other members of the Privacy and Security Teams to promote company wide privacy initiatives and advance strategic goals. The Privacy Manager will also take the lead on internal communications related to privacy and promote a culture of compliance. Experienced privacy managers are welcome to join our dynamic and passionate team.

Responsibilities

  • Draft, implement and maintain internal policies and procedures related to HIPAA and CPRA
  • Collaborate with the Security Team with regards to vendor management and privacy due diligence
  • Collaborate with other members of the Privacy Team to advance privacy awareness activities within Lyra
  • Lead efforts to audit and monitor the effectiveness of Lyra’s privacy program
  • Conduct regular Risk Assessments pursuant to CPRA and other state laws
  • Complete Privacy Impact Assessments. Implement and operationalize privacy by design principles
  • Socialize privacy initiatives and guide internal communications
  • Other duties as assigned.

Qualifications

  • 5+ years of general privacy experience
  • 3+ years implementing and managing a corporate privacy program
  • Bachelor’s Degree required
  • JD a plus!
  • CIPP/CIPM certification a plus!
  • Content creation, digital marketing and/or communication experience preferred
  • HIPAA and GDPR experience strongly preferred
  • Excellent communication skills, both verbal and written
  • Ability to think quickly on your feet, convey grace under pressure, and simultaneously manage workloads, multiple demands and shifting priorities
  • Ability to operate autonomously, yet collaboratively, while bringing a positive attitude to the workplace
  • Sense of humor and strong affinity for team donut day
We are an Equal Opportunity Employer. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information or any other category protected by law.
By applying for this position, your data will be processed as per Lyra Health Workforce Privacy Notice. Through this application, we will collect personal information from you including your name, email address, gender identity, employment information, and phone number for the purposes of recruiting and assessing suitability, aptitude, skills, qualifications, and interests for employment with Lyra. We may also collect information about your race, ethnicity, and sexual orientation, which is considered sensitive personal information under the California Privacy Rights Act (CPRA). Providing this information is optional and completely voluntary. If you are a California resident and would like to limit how we use this information, please use the Limit the Use of My Sensitive Personal Information form. This information will only be retained for as long as needed to fulfill the purposes for which it was collected, as described above. Please note that Lyra does not “sell” or “share” personal information as defined by the CPRA. For more information about how we use and retain your information, please see our Workforce Privacy Notice.