Sr Program Manager, Data Privacy
HealthEquity, Inc.
- Saint Paul, Illinois, United States
About
What you’ll be doing
Manage day-to-day operation of assigned privacy program workflows, including intake, triage, documentation, evidence management, issue tracking, and escalation support.
Lead day-to-day coordination of the privacy workstream for incidents, including fact gathering, privacy impact analysis support, documentation, and remediation tracking.
Serve as a primary privacy point of contact for assigned business initiatives and operational privacy matters, coordinating with Security, Legal, and Compliance as appropriate.
Lead and support information‑gathering efforts related to HealthEquity’s complex data environment and apply new or changing privacy practices to new and existing processes and controls.
Develop and maintain expertise in applicable state and federal privacy laws and regulations, including those involving employee and consumer data privacy, information security, and cybersecurity, as relevant to HealthEquity.
Maintain policies, procedures, standards, templates, playbooks, and review standards to ensure company compliance, as well as manage the implementation of applicable existing and upcoming privacy laws (CPRA, state laws, federal laws).
Conduct companywide privacy assessments (NIST, HIPAA, GLBA, etc.) and support the Privacy Impact Assessment (PIA) program for personal data processing activities.
Identify privacy controls and manage privacy risks; assess control effectiveness and manage risks to the confidentiality of sensitive data including personal information (PII/PHI/NPI).
Develop training and awareness materials educating workforce on key privacy concepts, controls, and standards for ensuring the confidentiality of sensitive data.
Conduct privacy review of vendor, partner, client, and data‑sharing arrangements, documenting risk positions.
Assess vendor and software technologies and applications for privacy risks and compliance.
Support implementation of privacy tooling, automation, and workflow improvements that improve consistency, evidence quality, and program scalability.
Maintain “regulator‑ready” toolkits for response to regulator inquiries.
Work with Product and HR teams to implement compliance (Privacy by Design) across all consumer and worker touchpoints and back‑end systems.
Own or support day‑to‑day individual rights request operations, including intake, workflow coordination, quality checks, documentation, and SLA tracking.
Maintain operational dashboards, metrics, and reporting inputs for privacy reviews, requests, incidents, remediation items, and third‑party oversight.
Support audits, regulatory inquiries, client diligence, and internal assurance activities through strong evidence and documentation.
What you will need to be successful
Bachelor’s Degree, focus on technology or a related field is required.
Juris Doctorate strongly preferred.
8+ years of professional experience in a role involving privacy, legal, or compliance, preferably in a technology setting or highly regulated industry.
Strong understanding of HIPAA, GLBA, privacy‑by‑design, data governance, data lifecycle management, and risk‑based privacy practices.
Ability to translate legal, regulatory, and policy requirements into operational processes, controls, templates, and practical guidance.
Experience conducting privacy assessments and documenting risks, mitigations, exceptions, and remediation actions.
Working knowledge of data inventories, mapping, classification, minimization, retention, deletion, and secure data handling.
Experience supporting vendor, partner, and data‑sharing reviews, including API‑based integrations and third‑party privacy diligence.
Comfort working with automation and AI‑assisted tools, including agentic AI capabilities, in a controlled and responsible manner to improve consistency, efficiency, and scalability of privacy operations.
Familiarity with privacy issues related to AI, machine learning, advanced analytics, and AI‑enabled workflow tools, including appropriate governance and human oversight.
Experience using platforms such as Graphite Connect, OneTrust, AuditBoard, Salesforce, or similar tools to manage assessments, issues, evidence, remediation, and reporting.
Strong judgment, stakeholder management, and professional presence, with the ability to communicate clearly and credibly on complex or high‑visibility matters.
This is a remote position.
Salary Range: $115,000.00 to $165,000.00 / year
Benefits & Perks
The actual compensation offer is determined based on job‑related knowledge, education, skills, experience, and work location. This position will be eligible for performance‑based incentives as part of the total compensation package, in addition to a full range of benefits including:
Medical, dental, and vision
HSA contribution and match
Dependent care FSA match
Uncapped paid time off
Paid parental leave
401(k) match
Personal and healthcare financial literacy programs
Ongoing education & tuition assistance
Gym and fitness reimbursement
Wellness program incentives
HealthEquity is committed to providing reasonable accommodations to team members with qualifying disabilities.
HealthEquity, Inc. is an equal opportunity employer, and we are committed to being an employer where no matter your background or identity – you feel welcome and included. We ensure equal opportunity for all applicants and employees without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug‑free workplace. For more information about our EEO policy, or about HealthEquity’s applicant disability accommodation, drug‑free‑workplace, background check, and E‑Verify policies, please visit our Careers page.
Languages
- English