Data Privacy Analyst

Crossover Health

Crossover Health

United States · Remote
Posted on Tuesday, July 9, 2024

About Crossover Health

Crossover Health is creating the future of health as it should be. A national, team-based medical group with a focus on wellbeing and prevention that extends beyond traditional sick care, the company delivers an entirely new model of healthcare—Primary Health—built on the foundation of trusted relationships, an interdisciplinary care team approach, and outcomes-based payment. Crossover’s Primary Health model integrates primary care, physical medicine, mental health, health coaching, care navigation and more, and delivers care in surround-sound—in-person, virtually and via asynchronous messaging. Together we are building a community of members that embraces healthcare as a proactive part of their lifestyle.

Job Summary

Job Responsibilities

This role is critical to Crossover’s Data Privacy Program. The ideal candidate will thrive in an environment where every day brings opportunities to learn new technologies, lead projects small and large, and work with people across the organization. This role will be a mix of technical responsibilities (data loss prevention, system auditing) and privacy responsibilities (auditing how data is used, documenting data flows and investigating privacy incidents). We are constantly looking to improve our privacy controls and processes and this role will be pivotal in those efforts.

  • Conduct Privacy Impact Assessments (PIAs): Evaluate data processing activities within the organization to identify potential privacy risks and recommend mitigation measures.

  • Compliance Monitoring: Ensure that the organization complies with relevant data privacy laws and regulations, such as HIPAA, GDPR, and CPRA, by regularly reviewing policies and procedures.

  • Data Mapping and Inventory: Create and maintain a comprehensive inventory of all data assets, including personal data, and map their flow throughout the organization.

  • Data Subject Rights Management: Manage requests from data subjects to exercise their privacy rights, such as access, rectification, deletion, and data portability.

  • Privacy Audits and Assessments: Conduct regular audits and assessments of data processing activities to identify non-compliance issues and recommend corrective actions.

  • Incident Response: Develop and maintain incident response plans to address data breaches and privacy incidents, including coordination with relevant authorities.

  • Vendor Assessment: Assess third-party vendors and their data processing activities to ensure they meet the organization's privacy standards and contractual obligations.

Required Qualifications

  • 6+ Years of experience in privacy, security, or a related field

  • Developed a strong understanding of the current privacy landscape and regulations in-place

  • Experience with privacy regulations, including HIPAA, GDPR, CCPA/CPRA, ISO 27701, NIST, etc.

  • Prior experience with healthcare regulations (ex. HIPAA) and clinical environments

  • Created and maintained data mapping, data flows, and data inventories

  • Worked with Data Loss Prevention tools and systems including rule creation and maintenance

  • Responded to data subject privacy requests

  • Effective verbal and written communication skills to speak across multiple audiences

  • Demonstrated excellence in organizing, prioritizing, and multitasking in a high paced environment

  • Continuously sought and embraced opportunities to build upon your skills and knowledge

  • Ability to work independently, as well as in a team environment

  • Strong organizational and problem solving skills

Preferred Qualifications

  • Experience developing or providing content for Privacy Awareness Training

  • Experience working in a clinical setting or role

  • Experience conducting security audits, compliance audits, or vendor risk reviews

  • Experience working in a “scale-up” environment

  • Privacy related certifications, such as CIPP, CIPM or CIPT

The base pay range for this position is $93,714.00 to $107,771.00 per year. Pay range may vary depending on work location, applicable knowledge, skills, and experience. This position may be eligible for an annual bonus opportunity and comprehensive benefits package that includes Medical Insurance, Dental Insurance, Vision Insurance, Short- and Long-Term Disability, Life Insurance, Paid Time Off and 401K.

Crossover Health is committed to Equal Employment Opportunity regardless of race, color, national origin, gender, sexual orientation, age, religion, veteran status, disability, history of disability or perceived disability. If you need assistance or an accommodation due to a disability, you may email us at

To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.