Role: Chief Privacy and Compliance Officer
Location: Remote
Duration: 6 months CTH
Document: Green card or US Citizen
Job Description
Overview of project/skills required:
The client is looking to hire a Chief Privacy Officer and is willing to consider a CTH candidate from us. Here is the draft role description; it is currently pending input from the client's Legal team. We can get started and use it as general guidance, knowing that changes are likely as others from the client's Legal team chime in over the next few weeks.
Department: Executive Team
Reports To: Stellarus Legal; long-term reporting structure TBD
⸻
About Us
We are a fast-growing for-profit healthcare technology company focused on delivering secure, intelligent, and user-friendly digital health products. Our mission is to improve health outcomes and generate value for our health plan customers by combining innovative technology, insight, and responsible data practices to serve healthcare organizations.
⸻
Role Overview
As our first Chief Privacy and Compliance Officer, you will design and lead a comprehensive privacy and compliance program tailored to a fast-moving startup environment. You will play a hands-on role in ensuring that our digital health solutions comply with healthcare regulations (e.g., HIPAA, HITECH, CCPA) and internal ethical standards—without slowing down innovation.
This role blends strategic oversight with the ability to execute quickly and build processes from the ground up.
⸻
What You’ll Do
Privacy & Data Governance
• Act as the company’s Privacy Officer and Compliance Officer.
• Establish privacy policies, procedures, and data use governance aligned with HIPAA, HITECH, CCPA, and similar U.S. regulations.
• Partner with Product, Engineering, Security, and other teams to embed privacy into the product lifecycle.
• Participate in privacy impact assessments, incident response planning, and data breach mitigation efforts.
• Monitor the evolving regulatory landscape and maintain organizational readiness.
Compliance Program Leadership
• Build and operate a scalable compliance program suited for a growing tech organization.
• Develop and deliver compliance training and awareness programs.
• Manage internal and external audit readiness (e.g., HIPAA audits, SOC 2, HITRUST).
• Ensure third parties and vendors comply with the company's data handling standards.
Executive Strategy & Operations
• Advise the Board, CEO, and Executive Leadership team on privacy and compliance risks, regulatory trends, and operational requirements.
• Provide practical, business-focused guidance to enable compliant innovation.
• Develop metrics, dashboards, and internal and external reporting that demonstrate the effectiveness of the privacy and compliance program.
• Represent the company in regulatory interactions and industry forums, where applicable.
⸻
What You’ll Bring
Required:
• 8–10+ years of experience in privacy, compliance, legal, or regulatory roles within healthcare or health technology.
• Deep understanding of HIPAA, HITECH, CCPA, and healthcare industry data requirements.
• Experience building or scaling privacy and compliance programs in startup or fast-paced technology environments.
• Strong ability to collaborate cross-functionally and communicate complex issues clearly.
• Hands-on, solution-focused mindset with strong project execution skills.