Data Privacy Officer

Join to apply for the Data Privacy Officer role at GeneDx

Join to apply for the Data Privacy Officer role at GeneDx

Get AI-powered advice on this job and more exclusive features.

GeneDx (Nasdaq: WGS) delivers personalized and actionable health insights to inform diagnosis, direct treatment, and improve drug discovery. The company is uniquely positioned to accelerate the use of genomic and large-scale clinical information to enable precision medicine as the standard of care. GeneDx is at the forefront of transforming healthcare through its industry-leading exome and genome testing and interpretation services, fueled by the world’s largest, rare disease data sets. For more information, please visit www.genedx.com.

As a Director level role, a Data Privacy Officer (DPO) is responsible for leading the development and execution of a healthcare data privacy program with a strong technical foundation. This role ensures compliance with federal and international privacy regulations (e.g., HIPAA, HITECH, GDPR) and partners with technical teams to implement privacy by design in health IT systems, storage and use of electronic health records (EHRs), cloud infrastructure, and digital health platforms. The DPO acts as the bridge between the legal, compliance, and technology teams to safeguard Protected Health Information (PHI) and other sensitive data across the enterprise.

Job Responsibilities

Regulatory and Technical Compliance

• Ensure compliance with HIPAA, HITECH, GDPR, CCPA, and other applicable privacy laws and frameworks relevant to healthcare data systems.
• Collaborate with software developers, system architects, and cybersecurity teams to implement privacy controls and secure data workflows.
• Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) for new technologies, APIs, mobile apps, and AI/ML tools used in clinical or patient-facing environments.
  
  

Data Governance & Technical Oversight

• Define and enforce data handling standards for structured and unstructured healthcare data.
• Oversee data de-identification, pseudonymization, and encryption practices across storage, transmission, and processing.
• Support secure data lifecycle management, including retention, archival, and deletion of PHI.
  
  

Incident Response & Risk Management

• Lead investigations into potential privacy breaches involving healthcare data.
• Manage risk assessments, root cause analyses, and compliance reporting for incidents involving patient data or system vulnerabilities.
  
  

Policy & Process Development

• Develop and maintain privacy and data handling policies for healthcare IT systems.
• Integrate privacy requirements into software development life cycles (SDLC) and technical vendor assessments.
• Guide implementation of role-based access control (RBAC), audit logging, and monitoring protocols for healthcare systems.
  
  

Training & Stakeholder Engagement

• Provide privacy training and technical guidance to engineering, DevOps, clinical IT, and compliance teams.
• Serve as a key privacy resource for cross-functional initiatives, including cloud migration, EHR upgrades, patient portal deployments, or telehealth platforms.
  
  

Vendor & Third-Party Oversight

• Conduct technical privacy reviews of third-party platforms, APIs, and data exchange partners (e.g., Health Information Exchanges, SaaS tools).
• Ensure proper execution of obligations under Business Associate Agreements (BAAs) and data transfer agreements (DTAs).
  
  

People Manager

• No
  
  

Education, Experience, And Skills

• Education: Bachelor’s degree in Computer Science, Information Security, Health Informatics, or related field. Master’s degree or JD preferred.
• Certifications (preferred):
• Certified Information Privacy Professional (CIPP/US or CIPP/E)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Privacy Technologist (CIPT)
• Certified in Healthcare Privacy and Security (CHPS)
• Experience:
• 7+ years in privacy, data protection, or information security, with at least 2 years in a healthcare or health IT environment.
• Strong familiarity with EHR systems, cloud-based healthcare platforms, APIs, and medical device data integration.
• Skills:
• Deep knowledge of HIPAA Security and Privacy Rules, HITECH, and data privacy engineering practices.
• Ability to communicate complex technical concepts to legal, compliance, and executive stakeholders.
• Experience working in cross-functional, agile, or DevSecOps environments.
• Demonstrated ability to work independently and proactively
  

Work Environment

• Full-time role with flexibility for hybrid or remote work arrangements.
• Occasional travel may be required.
  
  

Acknowledgements

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.

Pay Transparency, Budgeted Range

$180,000—$210,000 USD

~

Science - Minded, Patient - Focused.

At GeneDx, we create, follow, and are informed by cutting-edge science. With over 20 years of expertise in diagnosing rare disorders and diseases, and pioneering work in the identification of new disease-causing genes, our commitment to genetic disease detection, discovery, and diagnosis is based on sound science and is focused on enhancing patient care.

Experts In What Matters Most.

With hundreds of genetic counselors, MD/PhD scientists, and clinical and molecular genomics specialists on staff, we are the industry’s genetic testing experts and proud of it. We share the same goal as healthcare providers, patients, and families: to provide clear, accurate, and meaningful answers we all can trust.

SEQUENCING HAS THE POWER TO SOLVE DIAGNOSTIC CHALLENGES.

From sequencing to reporting and beyond, our technical and clinical experts are providing guidance every step of the way:

TECHNICAL EXPERTISE

• High-quality testing: Our laboratory is CLIA certified and CAP accredited and most of our tests are also New York State approved.
• Advanced detection: By interrogating genes for complex variants, we can identify the underlying causes of conditions that may otherwise be missed.
  
  

CLINICAL EXPERTISE

• Thorough analysis: We classify variants according to our custom adaptation of the most recent guidelines. We then leverage our rich internal database for additional interpretation evidence.
• Customized care: Our experts review all test results and write reports in a clear, concise, and personalized way. We also include information for research studies in specific clinical situations.
• Impactful discovery: Our researchers continue working to find answers even after testing is complete. Through both internal research efforts and global collaborations, we have identified and published hundreds of new disease-gene relationships and developed novel tools for genomic data analysis. These efforts ultimately deliver more diagnostic findings to individuals.
  
  

Learn more About Us here.

Our Culture

At GeneDx, we are dedicated to cultivating an environment where creativity and innovation thrive. We believe in the power of community and collaboration, where diverse perspectives are embraced, and every voice contributes to our shared success. Our team is a vibrant mix of professionals who challenge and support each other in equal measure, fostering growth both personally and professionally. When you join us, you're not just taking on a job—you're joining a movement. A movement that champions curiosity, embraces change, and believes in making an impact, one patient at a time. Cultural principles we live by:

• Be bold in our vision & brave in our execution.
• Communicate directly, with empathy.
• Do what we say we're going to do.
• Be adaptable to change.
• Operate with a bias for action.
  
  

Benefits include:

• Paid Time Off (PTO)
• Health, Dental, Vision and Life insurance
• 401k Retirement Savings Plan
• Employee Discounts
• Voluntary benefits
  
  

GeneDx is an Equal Opportunity Employer.

All privacy policy information can be found here.

• Seniority level
  Not Applicable

• Employment type
  Full-time

• Job function
  Information Technology

Referrals increase your chances of interviewing at GeneDx by 2x

Get notified about new Data Protection Officer jobs in United States.

United States $115,000.00-$125,000.00 3 weeks ago

United States $153,600.00-$264,000.00 6 days ago

United States $130,000.00-$140,000.00 1 day ago

Coral Gables, FL $170,000.00-$205,000.00 6 days ago

United States $145,000.00-$175,000.00 2 weeks ago

Cincinnati, OH $80,500.00-$169,100.00 3 days ago

United States $145,500.00-$232,500.00 6 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.