Mid-Level Associate for Health Care and General Privacy Counseling

Profile

Job Overview

A leading law firm with a nationally recognized Privacy & Cybersecurity practice is currently seeking a mid-level associate attorney with 4 to 7 years of experience in health care privacy and general privacy law. The associate will advise clients-primarily in the technology and life sciences industries-on regulatory compliance, product development, data governance, and legal risk related to the handling of sensitive information. This role offers the opportunity to work with a range of innovative clients and address complex legal and technical issues in a fast-evolving privacy landscape.

Location

• New York City, NY

Duties

• Provide legal counseling on privacy issues relating to product and service development

• Draft and revise privacy policies, notices, consent forms, and related compliance documentation

• Advise on compliance with U.S. health privacy laws, including HIPAA and applicable state regulations

• Interpret and apply consumer privacy laws and sector-specific federal laws

• Draft and negotiate data privacy agreements such as:

  • Business Associate Agreements (BAAs)

  • Data Processing Agreements (DPAs)

  • Data Use Agreements (DUAs)

• Conduct privacy and cybersecurity risk assessments

• Assist with incident response, including drafting notifications for privacy or data breaches

• Provide guidance on international privacy laws such as the GDPR

• Advise on advertising technology (adtech) compliance, where applicable

Requirements

• 4 to 7 years of experience practicing privacy law, preferably in a law firm or in-house legal department

• Demonstrated expertise in health information privacy and consumer data protection

• Experience advising clients in sectors such as digital health, biotech, or emerging technology

• Active bar membership in New York, or eligibility to sit for the next bar exam

• Strong professional references and work history

• Excellent legal writing, client counseling, and interpersonal communication skills

Education

• Juris Doctor (J.D.) from an accredited U.S. law school

Certifications

• Active bar license in NY, or eligibility to obtain such licensure

Skills

• Proficient in U.S. health care privacy laws, including:

  • HIPAA, CMIA, Washington My Health My Data Act, Nevada SB 370

• Familiar with major federal privacy laws:

  • GLBA, FCRA, COPPA, FTC Act

• Skilled in state privacy frameworks, including CCPA/CPRA

• Understanding of international laws such as the EU’s GDPR

• Ability to analyze complex data flows and technology use in legal contexts

• Competency in drafting, reviewing, and negotiating data-sharing agreements

• Experience conducting privacy audits and developing compliance strategies

• Familiarity with adtech-related privacy issues (preferred but not required)

Benefits

• Medical, dental, and vision insurance coverage

• Life and disability insurance

• Health Savings Accounts (HSAs) and Flexible Spending Accounts (FSAs)

• Access to wellbeing and mental health support programs

• Eligibility for discretionary annual performance bonus

Company info

BCG Attorney Search
125 Park Avenue, 25th floor
New York
New York
United States 10017
Phone : (212) 232-0277
Fax : (213) 895-7306