Commercial & Healthcare Regulatory Counsel

About The Position

Requirements

• J.D. from an accredited law school and active license to practice law in at least one U.S. jurisdiction.
• 8–10 years of legal experience (law firm and/or in-house) in healthcare, digital health, or pharmacy; strong candidates with 4+ years will be considered.
• Demonstrated experience drafting and negotiating commercial and technology agreements.
• Experience with vendor/procurement contracting and third‑party risk management (e.g., SaaS/IT, SOWs, SLAs, security addenda, BAAs/DPAs).
• Working knowledge of healthcare regulatory frameworks (e.g., AKS, HIPAA, FDA, DEA, PBM) with a willingness to deepen expertise and collaborate with specialists.
• Excellent communication, judgment, and organizational skills with a practical, business-minded approach.
• Ability to thrive in a fast-paced, evolving organization and manage multiple priorities effectively.
• Ability to work at a computer terminal with monitor, keyboard and mouse for extended periods of time, stoop, bend, and reach for equipment and supplies, make frequent repetitive motions required to operate a computer that include the wrists, hands and fingers, and lift, carry, push, pull, and move light objects up to 20 pounds.
• Ability to effectively communicate through verbal interactions, discern auditory information, and visually perceive details to perform essential job functions.
• Applicants must be authorized to work for any employer in the U.S.

Nice To Haves

• Experience in pharmacy or PBM-related commercial/regulatory work.
• Exposure to data privacy, cybersecurity, and breach response.
• Familiarity with regulatory frameworks applicable to telehealth, diagnostics, and clinical operations.
• Experience with contract lifecycle management (CLM) and legal operations tooling.
• Familiarity with SOC 2/ISO 27001 and vendor security due diligence processes.

Responsibilities

• Draft, review, and negotiate commercial agreements (e.g., MSAs, SOWs, BAAs/DPAs, SaaS and technology, services, licensing, data sharing) using playbooks and clause libraries.
• Manage redlines, issues lists, internal alignment, and approval workflows through execution; memorialize deviations and approvals.
• Maintain and improve templates, clause libraries, and playbooks to reduce cycle time and drive consistency.
• Issue-spot and provide practical guidance on applicable laws and regulations, such as the Anti-Kickback Statute (AKS), Stark Law, False Claims Act, FDA/DEA requirements relevant to pharmacy and telehealth operations, state pharmacy/professional licensing, PBM contracting/network participation, and HIPAA/HITECH.
• Conduct targeted research, prepare summaries, and assist with regulatory analyses and alerts; coordinate with Compliance to ensure ownership and accountability across healthcare and pharmacy regulatory domains.
• Partner with outside counsel on complex or novel regulatory questions; help implement recommendations.
• Support the Privacy team on HIPAA and data protection matters, including incident response, breach investigations, and privacy compliance activities.
• Assist with drafting and negotiating privacy and security provisions in client and vendor agreements, including BAAs, DPAs, and security addenda.
• Partner with internal stakeholders to identify and remediate data handling risks; encourage privacy-by-design practices.
• Draft, review, and negotiate vendor, procurement, and operations agreements (IT/SaaS, professional services, logistics/delivery, marketing vendors, clinical vendors), including MSAs, SOWs, order forms, renewals, and amendments.
• Partner with Procurement, Finance, Security/IT, Privacy, and Compliance on intake, diligence, and approvals (e.g., security questionnaires, BAAs/DPAs, SOC 2/ISO docs, COIs).
• Negotiate and document SLAs, support/uptime, data handling/retention, audit rights, business continuity/DR, termination/transition assistance, and fee/charge guardrails.
• Provide timely, business-oriented legal advice to Commercial, Partnerships, and Operations teams.
• Contribute to process improvements (e.g., workflow design, CLM hygiene, playbook refinements, dashboards) that scale the legal function.
• Support communications and marketing review for external messaging, disclosures, and public statements.
• Collaborate with Compliance on training materials, audits, and corrective actions.
• Assist with risk assessments, internal inquiries, and remediation planning as needed.

Benefits

• dental
• vision
• multiple group medical plans to choose from
• a 401(k) retirement savings plan
• group life insurance
• accidental death and dismemberment (AD&D) insurance
• flexible spending account (FSA)
• health savings account (HSA)
• commuter benefits
• employer-paid short-term (STD) and long-term disability (LTD) insurance
• additional supplemental insurance plans (spouse life insurance, legal insurance, an employee assistance program, home health testing kits, and a fertility medication discount program)
• flexible vacation time
• accrued paid sick time
• 10 paid holidays
• (2 floating holidays for full time non-exempt employees)
• eight weeks of paid parental leave for eligible employees
• additional paid weeks for the birthing parent
• 4 weeks paid caregiver leave
• a Lifestyle Spending Account allowance each month