• Build and scale Owner’s Legal function as the company’s first full-time legal hire, establishing the frameworks, tooling, and operating norms that enable rapid growth. • Serve as strategic DRI on the company’s most sensitive and high-impact matters, including litigation strategy, negotiations, regulatory posture, and complex commercial agreements. • Partner closely with Product and Engineering to ensure new products, pricing models, integrations, and financial infrastructure are built with compliance and risk minimization in mind. • Design scalable systems across contracting, compliance, employment, corporate governance, privacy, and IP, ensuring clarity, speed, and auditability. • Lead Owner’s litigation strategy end-to-end, including outside counsel engagement, negotiation posture, documentation, and executive communication. • Proactively identify risk areas across the business and build policies, processes, and internal education to mitigate them before they become issues. • Support strategic partnerships/transactions, board matters, fundraising, corporate governance, and investor communications. • Establish the legal architecture needed for Owner’s next phase of scale, creating the foundations for a function that can grow alongside the business. • Earn deep trust across the organization by combining clarity of judgment with a bias to action, moving fast while elevating Owner’s risk standards.

• Be a trusted advisor to product managers, engineering, product marketing managers, and security teams, ensure compliance, respond to incidents, and revise and update policies, processes, and documentation governing data and product releases. Embed ethical AI standards across AI-enabled features and safeguard data privacy. • Contribute to overall company success, draft, review and negotiate a wide variety of privacy and technology contracts and other legal documents, including privacy policies and notices, DPAs, BAAs, Security Addenda, licensing agreements, reseller, strategic partnership agreements, and data-related vendor-side contracts. • Support commercial legal staff with respect to licensing IP and AI, privacy obligations, international data transfers, regulatory compliance, subprocessor, consent and notice obligations and other liabilities. • Collaborate with other internal cross functional stakeholders, including go-to-market, support, professional services, security, people business partners, finance, operations, accounting, data, and marketing to ensure our business goals and internal ethical standards are informed by regulations and laws governing consumer protection, cybersecurity, AI, privacy and data protection (including GDPR, HIPAA, FTC, CCPA, CAN-SPAM, DORA, the privacy principles, the EU AI Act, and the EU Data Act, etc). • Track, analyze, and provide guidance on legal and regulatory changes and controls for the development of products and services. Spot and escalate privacy/AI compliance or governance gaps and recommend appropriate mitigation. • Enable legal team alignment, create/update playbooks, revise legal templates, mentor other legal and contract professionals on the team, and create robust, repeatable, transparent legal collaboration processes while prioritizing automation wherever possible.

• Draft and negotiate a broad range commercial agreements, including sales, vendor, partner, supplier, marketing, NDAs, and other commercial agreements • Iterate on Medallion’s core customer agreements (MSA, Order Form, SOW) to reflect the market, our customer base, and changes in law or industry practice • Support RFPs; look for opportunities to preempt and address customer questions adeptly and generally smooth the pre-sale process • Optimize and streamline legal review of vendor/supplier contracts • Support the Account Management team in navigating important customer relationships • Advise regarding legal issues, including identifying, managing, and communicating risks and opportunities in commercial transactions • Contribute to the creation of standardized negotiation and contractual term playbooks • Identify and implement improvements in GTM and Deal Desk processes and systems • Identify and assess both business and legal risks, and find creatives ways to mitigate them while aligning with our business objectives • Coordinate with external counsel as needed

• Serve as a key legal advisor supporting multiple business units, including care operations, medical affairs, pharmacy, product development, and policy teams, ensuring compliance with all applicable healthcare laws and regulations. • Provide practical, solution-oriented advice on telehealth, digital health, and pharmacy compliance, including issues related to the Corporate Practice of Medicine (CPOM), provider licensing, credentialing, prescribing, and scope of practice. • Counsel internal teams on federal and state healthcare regulatory frameworks, including FDA regulations, telehealth modalities, privacy (HIPAA), compounding, and professional practice standards. • Support the growth and product counsel teams on regulatory aspects of new product and service launches. • Partner with the public policy team to assess, interpret, and shape proposed laws, rules, and regulations affecting healthcare and pharmacy operations. • Proactively identify and mitigate legal risks related to healthcare operations, pharmacy services, and emerging digital health technologies. • Stay current on evolving state and federal healthcare laws, including developments from the FDA, Boards of Medicine, Boards of Pharmacy, and other regulatory bodies. • Collaborate with internal stakeholders to develop and maintain policies, procedures, and best practices that align with regulatory standards. • Other duties as assigned.