Privacy Design & Governance Director, Privacy-by-Design (Remote)

Join Us!
Take the next step in your journey at Inspira Financial. You will help businesses and individuals thrive today, tomorrow, and into retirement. Become part of a company that is people centric and client obsessed in every interaction; a community of forward-thinking individuals focused on driving results to deliver our mission with an unwavering commitment to integrity. Join us as we strengthen and simplify the health and wealth journey -- relentlessly pursuing better outcomes for all. We believe in finding the best talent! While some roles are based at one of our office locations, remote roles can sit in any of the following states: AL, AZ, FL, GA, IA, IL, IN, MI, MN, MO, NC, NE, PA, SC, TN, TX, UT, VA and WV. Remote status and role locations are subject to change. Relocation is not provided.
Employees within a 90-minute radius of our Oak Brook, IL headquarters are required to adhere to the company in-office work guidelines of 4 days per month minimum from 10 am to 2 pm (1 of the 4 days must be a Monday or Friday).
This requirement does not apply to support specialist positions.
Don't meet every single requirement? Here at Inspira Financial, we believe there is no "perfect" candidate and want to encourage applying even if all the requirements listed aren't met. Our goal is to build an authentic workplace by valuing diversity in our candidates. We work to ensure that our team reflects the diversity of the businesses and clients we serve. We are always looking to expand our growing team with dynamic and enthusiastic individuals. If you enjoy a collaborative, fun environment that champions career development, Inspira Financial is the place for you! We look forward to receiving your application! Check out this Inspira Financial video to learn more about our company!
Inspira Financial provides health, wealth, retirement, and benefits solutions that strengthen and simplify the health and wealth journey. With more than 7 million clients, representing over $62 billion in assets, Inspira works with thousands of employers, plan sponsors, recordkeepers, TPAs, and other institutional partners -- helping the people they care about plan, save, and invest for a brighter future. Inspira relentlessly pursues better outcomes for all with our automatic rollover services, health savings accounts, emergency savings funds, custody services, and more. Learn more at inspirafinancial.com .
We have been recognized for our remarkable growth on lists such as Crain's Fast 50 and Inc. 5000, and for our outstanding workplace culture and benefits with Built In's 2025 Best Places to Work and Gallagher's 2022 Best-In-Class Employer awards.
Job Summary & Responsibilities
Reporting to the Chief Privacy Officer (CPO), the Director of Privacy Design and Governance serves as the privacy lead for product development, ensuring that privacy is embedded into products and data initiatives from concept and design through development, deployment, and decommissioning. In this role, the Director advances a comprehensive privacy program aligned with HIPAA, GLBA, applicable state privacy laws, and emerging federal and industry standards, including privacy frameworks, control mapping, and privacy standards for AI/ML and vendor data handling.
Acting as a strategic partner to Product, Data Science, Legal, Security, Marketing, and Operations, the Director conducts privacy impact assessments and risk assessments, defines data-minimization and retention strategies, identifies safeguards and controls, and provides clear guidance on compliant data use and disclosures, and individual privacy rights. Through strong cross-functional leadership and measurable governance, the Director enables business innovation while ensuring regulatory compliance and fostering trust, transparency, and accountability in all product and data practices.
Duties & Responsibilities:

• Build and maintain a privacy control framework that maps requirements across HIPAA, GLBA, state privacy laws, FTC expectations, and other applicable federal regulations.
• Manage comprehensive standards addressing data sharing, de-identification, artificial intelligence and machine learning, and vendor data handling.
• Manage the organization's privacy-by-design framework, ensuring privacy considerations are embedded early in new product development, marketing initiatives, and business processes.
• Lead a privacy advisory program that provides timely, practical, and risk-based guidance to business units on compliant data use and sharing.
• Assist the CPO with stakeholder engagement and change management efforts, ensuring privacy requirements are clearly communicated, understood, and adopted across all departments.

• Develop and manage the Privacy Impact Assessment (PIA) process to evaluate risks associated with new systems, projects, and technologies involving PHI, PII and NPPI.
• Partner with Product, Engineering, and Security teams to define privacy control requirements and technical guardrails within design and deployment lifecycles.
• Support Marketing, IT, Security, Legal and Data Sciences teams in ensuring compliant practices related to data profiling and tracking technologies.
• Advise business units on individual rights processing (access, correction, deletion, opt-out) and ensure operational readiness for consumer privacy requests.

• Assist CPO in the maintenance of privacy policies and procedures, workforce training, and deliver targeted privacy training for business units.

• Monitor evolving HIPAA, GLBA, state, and federal privacy regulations, assessing their impact on organizational operations and policies.
• Provide guidance and thought leadership on emerging privacy trends, regulatory expectations, and enforcement priorities.
• Provide guidance and monitor compliance with the records retention policy to ensure proper administration in accordance with applicable laws and best practices.

Supervisory Responsibilities:

• Recruits, interviews, hires, and trains new staff.
• Oversees the daily workflow of the department.
• Provides constructive and timely performance evaluations.

#LI-Remote
Preferred Qualifications
Education & Experience:

• Bachelor's degree in Healthcare Administration, Risk Management, Information Systems, Legal Studies, Public Policy, or a related field (JD or MBA/MHA preferred).
• Relevant privacy certifications (CIPP/US, CIPM, CHPC, CHPS, or equivalent) preferred.
• 5-8 years of privacy, compliance, or data governance experience within a HIPAA-regulated organization.

Skills & Abilities:

• In-depth knowledge of the HIPAA Privacy, Security, and Breach Notification Rules, GLBA Safeguards and Privacy Rules, and major U.S. state privacy laws.
• Expertise in privacy-by-design, PIAs, and risk analysis.
• Demonstrated experience in privacy program development, policy design, risk management, and cross-functional advisory work.
• Exceptional communication, leadership, and stakeholder management skills, with the ability to influence at all levels.
• Strong analytical and problem-solving skills; ability to translate regulatory requirements into actionable guidance.
• Excellent writing and communication skills for policies, training, and executive reporting.
• Cross-functional collaboration and leadership experience across Legal, Security, IT, and Product.
• Vendor risk and contract review advisory experience.
• Ability to foster a culture of privacy accountability and continuous improvement.

Other Requirements:

• Infrequent travel
  • Ability to provide personal transportation from time to time.
• Occasionally lifts up to 25 pounds.
• Prolonged periods of sitting at a desk and working on a computer

Compensation & Benefits
$120,000-$145,000 per year