
Director of Privacy
Phil, Inc.
full-time
Location Type: Remote
Location: Remote • Arizona, California, Colorado, Florida, Idaho, Illinois, Iowa, Maryland, Massachusetts, Missouri, Montana, New Hampshire, New Jersey, New York, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin • 🇺🇸 United States
Job Level
Lead
About the role
- Own PHIL’s enterprise privacy program, serving as the company’s Privacy Officer and primary point of accountability
- Lead compliance with HIPAA, state privacy regulations, and client-specific contractual requirements
- Develop and maintain privacy policies, procedures, training, and documentation
- Lead privacy risk assessments, impact assessments, and internal controls
- Partner with Operations, Product, Engineering, Security, and Legal to operationalize privacy requirements
- Build processes for privacy-by-design across product development and platform enhancements
- Oversee monitoring and auditing of privacy practices to ensure sustained compliance
- Lead PHIL’s privacy incident investigation and response processes in partnership with Security and Compliance
- Manage reporting workflows and external notifications as required
- Develop and deliver privacy training for teams across Phil, including Operations, Client Success, Product, and Engineering
- Serve as the internal advisor on privacy topics, providing clear guidance to cross-functional partners
- Establish privacy KPIs, reporting cadences, and mechanisms to track compliance, risk trends, and remediation
- Contribute to PMO frameworks, governance structures, and cross-functional ways of working
- Prepare materials for audits, client reviews, and regulatory inquiries
Requirements
- Bachelor’s degree in business, operations, compliance, information security, or a related field (or equivalent experience)
- 7–10 years of experience in privacy, compliance, program management, or related regulated industry roles
- Deep understanding of HIPAA, state privacy laws, data governance, and privacy operations
- Experience building or leading an enterprise privacy program at a healthcare, pharmacy, or SaaS organization
- Strong program management skills and comfort managing cross-functional initiatives
- Excellent communicator who can translate regulatory requirements into actionable steps
- Highly organized and capable of working in fast-moving, ambiguous environments
- Clear, concise communicator and skilled at translating complexity into action plans
- CIPP, CHPC, or other privacy certifications preferred but not required
Benefits
- Ground floor opportunity with one of the fastest-growing startups in health-tech
- Fully remote working environment out of these states: AZ, CA, CO, FL, GA, IA, ID, IL, IN, MA, MD, MI, MO, NC, NH, NJ, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI, WV
- Competitive compensation (commensurate with experience)
- Full benefits (medical, dental, vision).
- 401(k) contribution opportunity.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
privacy program management, privacy risk assessments, impact assessments, privacy policies development, compliance monitoring, privacy incident investigation, data governance, privacy operations, reporting workflows, audit preparation
Soft skills
communication, organizational skills, cross-functional collaboration, program management, problem-solving, adaptability, training delivery, guidance provision, conciseness, clarity
Certifications
CIPP, CHPC