Director, Compliance and Privacy
About the role
Pomelo Care is the leading virtual medical practice for women and children, providing care across pregnancy, postpartum, pediatrics, menopause, and perimenopause. We combine proactive, 24/7 clinical care with technology that helps us reach patients earlier, identify risks sooner, and deliver personalized care throughout their journey. Our team includes clinicians, technologists, operators, and problem-solvers working together to make high-quality care more accessible for families nationwide.
We are looking for a Director of Compliance & Privacy to serve as the operational engine of our compliance and privacy programs as Pomelo Care scales. This is a high-impact, "player-coach" leadership role designed for a seasoned operator who thrives on directly executing across a broad compliance portfolio, from privacy investigations and clinical compliance to the annual audit plan, while helping to keep operations running at the pace of the business.
You will act as the critical right hand to the Head of Compliance, managing the daily intake volume, leading complex investigations, and providing the direct day-to-day guidance that unblocks our compliance associates. You will command the organizational authority needed to hold cross-functional teams accountable, ensuring our processes protect our members and enable the business to move fast. This role reports to our Head of Compliance and can be based anywhere in the continental US.
Responsibilities
- Directly lead and execute the day-to-day operations of the HIPAA privacy program, including personally conducting, documenting, and managing complex breach and privacy incident investigations.
- Oversee the state privacy law program (CCPA/CPRA), ensuring data subject access requests (DSARs) and consent management workflows are executed flawlessly.
- Manage and triage operational volume, logging into intake tools and Slack channels alongside the team to ensure compliance inquiries and incidents are resolved efficiently.
- Provide daily operational guidance and decision-making support to the compliance team, serving as the primary escalation point for ambiguous or complex compliance questions.
- Oversee the clinical and regulatory compliance work-stream, managing billing and coding compliance, state licensure, and health plan contractual obligations.
- Serve as the primary operational interface with legal and compliance colleagues to translate complex legal requirements into practical, live workflows for our clinical and business partners.
- Drive the execution of the annual Compliance Work and Audit Plan to proactively identify, monitor, and remediate potential risks across the business.
- Manage and develop direct reports as the compliance organization scales, fostering a high-performing team culture of accountability and mentorship.
Requirements
- 7+ years of experience in healthcare compliance or privacy, specifically within a clinical or medical group environment.
- Deep expertise in HIPAA and HITECH, and strong working knowledge of state privacy laws like CCPA/CPRA.
- A proven track record as an investigator, with extensive experience managing complex healthcare compliance and privacy intakes from discovery to final disposition.
- A track record of "operationalizing" rules. You don't just read the law; you build the checklists and workflows that make it work for a busy team.
- High empathy for members and care teams, with the ability to communicate complex rules in a clear and supportive way.
- A "player-coach" mindset - you have the executive presence to command a room, but you genuinely enjoy doing the tactical work and aren't afraid to dig into ticketing queues and spreadsheets.
- A certification in healthcare compliance (CHC) or privacy (CHPC/CIPP) is strongly preferred.
Why you should join our team
By joining Pomelo, you will get in on the ground floor of a fast-moving, well-funded, and mission-driven startup that always puts the patient first. You will learn, grow and be challenged, and have fun with your team while doing it.
We strive to create an environment where employees from all backgrounds are respected. We also offer:
- Competitive healthcare benefits
- Generous equity compensation
- Unlimited vacation
- Membership in the First Round Network (a curated and confidential community with events, guides, thousands of Q&A questions, and opportunities for 1-1 mentorship)