[Hiring] Corporate Counsel, Privacy and Data Security @Agilon Health

Role Description

At agilon health, we are reimagining health care by empowering primary-care physicians to focus on the total health of their senior patients. agilon’s mission is rooted in better outcomes, stronger physician satisfaction, and healthier communities.

We are seeking a Senior Associate General Counsel, Data Privacy & Security to play a critical enterprise leadership role at the intersection of healthcare, technology, compliance, and innovation. This is a senior individual contributor role with broad visibility across the organization and meaningful influence on how agilon governs data privacy, data security, data use, and emerging technologies.

This role is ideal for a strategic, business-minded attorney who brings deep healthcare privacy expertise and enjoys building practical, scalable legal frameworks that enable innovation. You will help shape the company’s privacy program, advise on complex data and technology issues, support AI governance efforts, lead privacy incident response, and partner with stakeholders across Legal, IT, Security, Product, Clinical, HR, Finance, and Commercial teams.

In this role, you will serve as a trusted advisor across the enterprise and help build the legal guardrails that support responsible data use in a fast-moving, highly regulated environment. Key responsibilities include:

• Lead and evolve agilon’s privacy legal governance framework, including policies, standards, and operational guardrails aligned with U.S. and India requirements.
• Advise on healthcare privacy, data security, governance, retention, defensible deletion, and compliant data use across products, analytics, operations, and enterprise initiatives.
• Build scalable privacy programs, playbooks, implementation guides, and self‑service tools that enable teams to move quickly within clear legal boundaries.
• Serve as a primary legal advisor on high‑risk or novel data uses, privacy and security risk assessments, digital tracking, website governance, and member outreach.
• Embed practical privacy review into core business workflows, including product development, vendor procurement, marketing, and data‑sharing activities.
• Draft, negotiate, and close a wide range of commercial agreements, including BAAs, SaaS, services, licensing, NDAs, SOWs, grant, consultant, and information security terms.
• Own legal standards for data protection terms and advise on third‑party risk, vendor diligence, and vendor‑related incidents.
• Lead legal response to privacy and data security incidents, including breach analysis, notification strategy, regulatory engagement, and stakeholder coordination.
• Support regulatory audits, examinations, and inquiries involving privacy and data security.
• Advise on AI governance and emerging technologies, including acceptable use, legal risk, transparency, accountability, and evolving regulatory expectations.
• Monitor developments in privacy, healthcare, and technology law and translate them into clear, actionable business guidance.
• Support privacy integration and remediation in acquisitions, new partnerships, and periods of organizational growth.

Qualifications

• Active license to practice law.
• 6-8+ years of privacy and data security experience in-house and/or at a law firm, with preference for candidates who have supported healthcare or technology companies.
• Strong knowledge of U.S. privacy and data security laws, including HIPAA/HITECH, CCPA/CPRA, and evolving state privacy laws.
• Proven ability to develop and operationalize privacy governance frameworks, policies, playbooks, and scalable processes.
• Experience managing a high volume of diverse contract types (services agreements, BAAs, SaaS, NDAs, EULAs, licensing agreements, and similar).
• Experience leading or supporting privacy and data security incident response, including breach analysis, regulatory notification, and vendor investigations.
• Experience participating in or supporting regulatory audits or examinations by state or federal regulators.

Preferred Qualifications

• Prior healthcare regulatory experience, with particular familiarity with Medicare Advantage, CMS requirements, value-based care models, or primary care-oriented healthcare delivery.
• Experience supporting technology-enabled healthcare products, data platforms, or digital health initiatives.
• Familiarity with AI/ML governance frameworks, algorithmic accountability, and legal considerations related to emerging technologies.
• Experience leading privacy program integration following a merger, acquisition, or significant organizational change.
• Experience advising on the use of protected health information (PHI) in clinical, operational, analytics, or value-based care contexts.

What Will Set You Apart

The strongest candidates will bring excellent judgment, a practical and collaborative style, and the ability to translate complex legal and regulatory requirements into business-friendly guidance. You should be comfortable operating in a fast-paced environment, managing multiple priorities, and partnering across technical and non-technical teams alike. Success in this role requires strong communication skills, high integrity, sound reasoning, and the ability to build trust with stakeholders at every level of the organization.

Join agilon health

If you are energized by the opportunity to build modern privacy and data governance frameworks in a mission-driven healthcare company, this is a chance to make a meaningful impact.

Protect yourself: agilon health will never send unsolicited job offers or request payments or financial information. Such communications are fraudulent.

Location

Remote - NC

Pay Range

$153,000.00 - $191,300.00. Salary range shown is a guideline. Individual compensation packages can vary based on factors unique to each candidate, such as skill set, experience, and qualifications.