Director of Privacy

Company Overview

Founded in 2015, PHIL is a Series D health-tech startup that is building a platform that interfaces between doctors, pharmacies, and patients to streamline the process of patients receiving prescriptions. This is a complex, archaic industry, and we've set out to change that.

PHIL’s B2B2C platform provides an end-to-end prescription management and delivery service. Our robust platform connects patients, prescribers, pharmacies, and manufacturers, enabling easy and affordable access to medicine. Through its digital stakeholder experiences, patient access services, market access solutions, and distribution models, pharma manufacturers can deliver affordable and timely therapy access to patients, resulting in more patients staying on their treatment plans longer. Consequently, pharma manufacturers are enabled for more innovation.

The team at PHIL is a group of like-minded individuals from varying backgrounds, passionate about creating a new and innovative healthcare platform that is focused on patient experience and overall human wellbeing. Ready to join our team of mission-driven, analytical, and passionate people? Keep reading!

Position Overview

Phil is seeking a highly experienced and proactive Director of Privacy to establish and lead our enterprise-wide privacy program. This role is responsible for ensuring PHIL’s compliance with federal and state privacy regulations, strengthening our governance model, and operationalizing privacy practices across all business units. Reporting to the Vice President of Operational Excellence, you will serve as PHIL’s Director of Privacy and work closely with Legal, Operations, Product, Engineering, and HR.

You will drive Phil’s privacy strategy, ensuring company-wide adoption of privacy standards, and serve as a subject matter expert for leadership and cross-functional teams. This role sits within the Program Management Office and will help build PHIL’s long-term privacy governance and operational scale.

Responsibilities:

• Own PHIL’s enterprise privacy program, serving as the company’s Privacy Officer and primary point of accountability

• Lead compliance with HIPAA, state privacy regulations, and client-specific contractual requirements

• Develop and maintain privacy policies, procedures, training, and documentation

• Lead privacy risk assessments, impact assessments, and internal controls

• Partner with Operations, Product, Engineering, Security, and Legal to operationalize privacy requirements

• Build processes for privacy-by-design across product development and platform enhancements

• Oversee monitoring and auditing of privacy practices to ensure sustained compliance

• Lead PHIL’s privacy incident investigation and response processes in partnership with Security and Compliance

• Manage reporting workflows and external notifications as required

• Develop and deliver privacy training for teams across Phil, including Operations, Client Success, Product, and Engineering

• Serve as the internal advisor on privacy topics, providing clear guidance to cross-functional partners

• Establish privacy KPIs, reporting cadences, and mechanisms to track compliance, risk trends, and remediation

• Contribute to PMO frameworks, governance structures, and cross-functional ways of working

• Prepare materials for audits, client reviews, and regulatory inquiries

Qualifications:

• Bachelor’s degree in business, operations, compliance, information security, or a related field (or equivalent experience)

• 7–10 years of experience in privacy, compliance, program management, or related regulated industry roles

• Deep understanding of HIPAA, state privacy laws, data governance, and privacy operations

• Experience building or leading an enterprise privacy program at a healthcare, pharmacy, or SaaS organization

• Strong program management skills and comfort managing cross-functional initiatives

• Excellent communicator who can translate regulatory requirements into actionable steps

• Highly organized and capable of working in fast-moving, ambiguous environments

• Clear, concise communicator and skilled at translating complexity into action plans

• CIPP, CHPC, or other privacy certifications preferred but not required

Benefits

• Ground floor opportunity with one of the fastest-growing startups in health-tech

• Fully remote working environment out of these states: AZ, CA, CO, FL, GA, IA, ID, IL, IN, MA, MD, MI, MO, NC, NH, NJ, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI, WV

• Competitive compensation (commensurate with experience)

• Full benefits (medical, dental, vision).

• 401(k) contribution opportunity.

PHIL Inc. is an equal-opportunity employer.