Data Privacy Specialist

ABOUT 10X HEALTH SYSTEM
10X Health System is a pioneering company at the forefront of the health and wellness industry, dedicated to revolutionizing the way individuals approach their personal health and well-being. With a philosophy rooted in the principle that optimal health is the foundation for a life lived to the fullest, 10X Health provides cutting-edge solutions and personalized health plans designed to empower individuals to achieve and maintain peak physical and mental performance.

The company's comprehensive approach to health combines the latest advances in medical science, nutrition, fitness, and technology to offer a suite of services that include state-of-the-art diagnostic testing, individualized treatment protocols, and ongoing support from a team of world-class health professionals. 10X Health's commitment to innovation and results has established it as a leader in the health optimization space, catering to those who strive to push the boundaries of what is possible in their health journey.

POSITION SUMMARY 
We’re looking for a detail-oriented Data Privacy Specialist to help strengthen and evolve our privacy program as we grow. This role ensures our clinical and corporate operations, especially across telehealth and wellness, meet healthcare, privacy, and data protection standards. The ideal individual will enjoy turning regulations into clear, workable processes and has hands-on experience with OneTrust for data inventory, cookie consent, and managing data access or deletion requests. You’ll work closely with cross-functional partners to keep compliance practical, collaborative, and aligned with our mission to deliver high-quality care responsibly. 
 
OBJECTIVES
Privacy & Data Protection 

• Support and improve privacy initiatives that keep patient and consumer data protected and handled responsibly across the entire business and new product offerings 
• Manage OneTrust workflows, including data mapping, cookie banners, and individual data rights requests 
• Review and maintain data processing agreements (DPAs) and vendor practices to ensure compliance with privacy and security requirements
• Help coordinate privacy incident response and related documentation with Legal and IT
• Keep policies, records, and documentation current to support ongoing compliance readiness 

Risk Assessments & Audits 

• Conduct privacy risk assessments and document findings clearly 
• Identify gaps and recommend practical solutions that fit our size and pace of growth 
• Support internal and external audit preparation, including assisting with SOC 2 certification 

Operational Compliance 

• Track changes in all US and OUS privacy laws 
• Support staff training and awareness programs related to  privacy compliance 
• Partner with business owners to ensure all products and offerings incorporate privacy by design

COMPETENCIES 

• Deep understanding of healthcare privacy and compliance frameworks such as HIPAA, CCPA and CPRA, GINA, GDPR, and FTC guidance
• Hands-on experience with OneTrust, including data mapping, cookie consent management, data classification and data rights fulfillment 
• Familiarity with telehealth, digital health, or wellness based care models 
• Ability to conduct audits, risk assessments, and vendor reviews 
• Collaborative approach and ability to work effectively across teams 
• Clear communicator who can translate complex concepts into practical training and operational processes 
• Comfortable operating in a fast paced, growing environment with evolving regulatory needs

• 3-5 years of experience in healthcare privacy compliance and affairs
• Bachelor’s degree required; advanced degree such as JD, MPH, MBA, or similar preferred 
• Certifications such as CIPP/US, CIPP/E, CIPM preferred but not required 

PHYSICAL REQUIREMENTS 

• Prolonged periods of sitting at a desk 
• Must be able to lift up to 15 pounds at times 

Salary : $95,000 - $120,000