Privacy Analyst

ABOUT ARTERA

Our Mission: Make healthcare #1 in customer service.

What We Deliver: Artera, a SaaS leader in digital health, transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling, intake, forms, billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce, Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice, text and web. A decade of healthcare expertise, powered by AI. 

Our Impact: Trusted by 900+ provider organizations — including specialty groups, FQHCs, large IDNs and federal agencies — engaging 100 million patients annually. 

Our award-winning culture: Since founding in 2015, Artera has consistently been recognized for its innovative technology, business growth, and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020, 2021, 2022, 2023, 2024); Deloitte Technology Fast 500 (2021, 2022, 2023, 2024); Built In Best Companies to Work For (2021, 2022, 2023, 2024, 2025). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers,” Newsweek as one of the “World’s Best Digital Health Companies,” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.

We’re looking for a curious and collaborative Privacy Analyst to join Artera’s lean yet mighty Legal team. This is a unique opportunity to step into a high-impact role where you’ll not only help us navigate data privacy requirements across healthcare and global regulations, but also shape how we approach privacy at a strategic level. If you’re currently at a larger company and craving a chance to help build and influence privacy policy from the ground up — this could be your moment.

You’ll be the connective tissue between Legal, Information Security, and other key cross-functional partners, working on everything from vendor risk reviews and data protection agreements to privacy tooling, policy updates, and emerging topics like AI governance. Our Privacy and Security efforts are deeply intertwined, and you’ll be a key voice as we evolve our privacy program to meet new challenges and opportunities — including GDPR, HIPAA, HITECH, and future AI and machine learning use cases.

While you'll have strong collaborators in our Security & Compliance team, this role lives within Legal under our FinOps function. That means you’ll have the space and influence to make decisions that directly shape policy — not just implement it. You'll support internal education, help establish scalable practices, and serve as an internal privacy expert as we continue to grow and innovate responsibly.

**The role is listed under our Denver hub, but we're open to candidates in any of our hiring hubs. Denver is preferred to support team collaboration, but it's not a must.**

• Partner with Legal, Information Security, Product, and other teams to ensure compliance with global privacy regulations (e.g., GDPR, HIPAA, HITECH).
• Draft, update, and maintain privacy policies, internal documentation, and public-facing language (e.g., website legal landing page, AI Q&A, cookie disclosures).
• Support contract reviews and negotiations, including Business Associate Agreements (BAAs) and Data Protection Agreements (DPAs).
• Shape and contribute to Artera’s AI and machine learning policy framework.
• Conduct and maintain cookie scanning and consent management through tools like OneTrust.
• Help build and mature our privacy program, with a focus on practical, scalable solutions.
• Support vendor onboarding and risk assessments in partnership with InfoSec.
• Collaborate with outside counsel to stay ahead of regulatory changes and translate them into actionable policy.
• Partner cross-functionally to educate teams and maintain consistent privacy practices.
• Participate in audit readiness efforts and support FedRAMP privacy deliverables.

• 4+ years of experience in privacy, compliance, or a related field
• Bachelor's degree in Information Security, Legal Studies, Public Policy, or Business Administration preferred; additional experience in lieu of a degree is also accepted. 
• Strong understanding of U.S. healthcare privacy regulations (HIPAA, HITECH), with working knowledge of global frameworks such as GDPR
• Experience supporting data privacy and security audits; familiarity with frameworks like HITRUST, SOC 2, or ISO 27001
• Proficient with privacy management tools (e.g., OneTrust or similar)
• Excellent project and time management skills, with the ability to manage multiple priorities
• IAPP certification (e.g., CIPP, CIPM, or CIPT) preferred

• Exposure to FHIR, HL7, or cybersecurity frameworks.
• Experience with building AI policies and procedures

OUR APPROACH TO WORK LOCATION

Artera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA, where team members typically come in three days a week. Specific frequency can vary depending on your team's needs, manager expectations and/or role responsibilities.

In addition to our U.S. office locations, we are intentionally building geographically concentrated teams in several key metropolitan areas, which we call our “Hiring Hubs.” We are currently hiring remote candidates located within the following hiring hubs:

- Boston Metro Area, MA

- Chicago Metro Area, IL

- Denver Metro Area, CO

- Kansas City Metro Area (KS/MO)

- Los Angeles Metro Area, CA

- San Francisco / Bay Area, CA

- Seattle Metro Area, WA

This hub-based model helps us cultivate strong local connections and team cohesion, even in a distributed environment. 

To be eligible for employment at Artera, candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.

As our hubs grow, we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place, should an office open in your area, we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully, considering factors like typical commute times and access to public transit, to ensure they are fair and practical for the local team.

WORKING AT ARTERA 

Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more! 

Career development - Manager development cohorts, employee development funds

Generous time off - Company holidays, Winter & Summer break, and flexible time off

Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join. 

EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENT

Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs, job requirements and individual qualifications. All candidates are considered without regard to race, color, religion, gender, sexuality, national origin, age, disability, genetics or any other protected status. 

Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind.

Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation, please reach out to hr@artera.io.

DATA PRIVACY

Artera values your privacy. By submitting your application, you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.

SECURITY REQUIREMENTS

All employees are responsible for protecting the confidentiality, integrity, and availability of the organization’s systems and data, including safeguarding Artera’s sensitive information such as, Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies, regulatory requirements, and applicable standards and frameworks by implementing safeguards, monitoring for threats, reporting incidents, and addressing data handling risks or breaches.