Director of Privacy
Phil, Inc.
full-time
Posted on:
Location Type: Remote
Location: Arizona • California • United States
Visit company websiteExplore more
Job Level
About the role
- Own PHIL’s enterprise privacy program, serving as the company’s Privacy Officer and primary point of accountability
- Lead compliance with HIPAA, state privacy regulations, and client-specific contractual requirements
- Develop and maintain privacy policies, procedures, training, and documentation
- Lead privacy risk assessments, impact assessments, and internal controls
- Partner with Operations, Product, Engineering, Security, and Legal to operationalize privacy requirements
- Build processes for privacy-by-design across product development and platform enhancements
- Oversee monitoring and auditing of privacy practices to ensure sustained compliance
- Lead PHIL’s privacy incident investigation and response processes in partnership with Security and Compliance
- Manage reporting workflows and external notifications as required
- Develop and deliver privacy training for teams across Phil, including Operations, Client Success, Product, and Engineering
- Serve as the internal advisor on privacy topics, providing clear guidance to cross-functional partners
- Establish privacy KPIs, reporting cadences, and mechanisms to track compliance, risk trends, and remediation
- Contribute to PMO frameworks, governance structures, and cross-functional ways of working
- Prepare materials for audits, client reviews, and regulatory inquiries
Requirements
- Bachelor’s degree in business, operations, compliance, information security, or a related field (or equivalent experience)
- 7–10 years of experience in privacy, compliance, program management, or related regulated industry roles
- Deep understanding of HIPAA, state privacy laws, data governance, and privacy operations
- Experience building or leading an enterprise privacy program at a healthcare, pharmacy, or SaaS organization
- Strong program management skills and comfort managing cross-functional initiatives
- Excellent communicator who can translate regulatory requirements into actionable steps
- Highly organized and capable of working in fast-moving, ambiguous environments
- Clear, concise communicator and skilled at translating complexity into action plans
- CIPP, CHPC, or other privacy certifications preferred but not required
Benefits
- Ground floor opportunity with one of the fastest-growing startups in health-tech
- Fully remote working environment out of these states: AZ, CA, CO, FL, GA, IA, ID, IL, IN, MA, MD, MI, MO, NC, NH, NJ, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI, WV
- Competitive compensation (commensurate with experience)
- Full benefits (medical, dental, vision).
- 401(k) contribution opportunity.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
privacy program managementprivacy risk assessmentsimpact assessmentsprivacy policies developmentcompliance monitoringprivacy incident investigationdata governanceprivacy operationsreporting workflowsaudit preparation
Soft Skills
communicationorganizational skillscross-functional collaborationprogram managementproblem-solvingadaptabilitytraining deliveryguidance provisionconcisenessclarity
Certifications
CIPPCHPC