Director, Compliance and Privacy

Pomelo Care
New York, NY
$180,000 - $210,000
Remote

About The Position

Pomelo Care is seeking a Director of Compliance & Privacy to be the operational engine of their compliance and privacy programs as the company scales. This is a high-impact, "player-coach" leadership role for a seasoned operator who thrives on directly executing across a broad compliance portfolio, including privacy investigations, clinical compliance, and the annual audit plan, while ensuring operations keep pace with the business. The role reports to the Head of Compliance and can be based anywhere in the continental US. The Director will act as the critical right hand to the Head of Compliance, managing daily intake volume, leading complex investigations, and providing direct day-to-day guidance to compliance associates. They will also command the organizational authority needed to hold cross-functional teams accountable, ensuring processes protect members and enable business agility.

Requirements

  • 7+ years of experience in healthcare compliance or privacy, specifically within a clinical or medical group environment.
  • Deep expertise in HIPAA and HITECH, and strong working knowledge of state privacy laws like CCPA/CPRA.
  • A proven track record as an investigator, with extensive experience managing complex healthcare compliance and privacy intakes from discovery to final disposition.
  • A track record of “operationalizing” rules. You don’t just read the law; you build the checklists and workflows that make it work for a busy team.
  • High empathy for members and care teams, with the ability to communicate complex rules in a clear and supportive way.
  • A “player-coach” mindset - you have the executive presence to command a room, but you genuinely enjoy doing the tactical work and aren’t afraid to dig into ticketing queues and spreadsheets.

Nice To Haves

  • A certification in healthcare compliance (CHC) or privacy (CHPC/CIPP) is strongly preferred.

Responsibilities

  • Directly lead and execute the day-to-day operations of the HIPAA privacy program, including personally conducting, documenting, and managing complex breach and privacy incident investigations.
  • Oversee the state privacy law program (CCPA/CPRA), ensuring data subject access requests (DSARs) and consent management workflows are executed flawlessly.
  • Manage and triage operational volume, logging into intake tools and Slack channels alongside the team to ensure compliance inquiries and incidents are resolved efficiently.
  • Provide daily operational guidance and decision-making support to the compliance team, serving as the primary escalation point for ambiguous or complex compliance questions.
  • Oversee the clinical and regulatory compliance work-stream, managing billing and coding compliance, state licensure, and health plan contractual obligations.
  • Serve as the primary operational interface with legal and compliance colleagues to translate complex legal requirements into practical, live workflows for our clinical and business partners.
  • Drive the execution of the annual Compliance Work and Audit Plan to proactively identify, monitor, and remediate potential risks across the business.
  • Manage and develop direct reports as the compliance organization scales, fostering a high-performing team culture of accountability and mentorship.

Benefits

  • Competitive healthcare benefits
  • Generous equity compensation
  • Unlimited vacation
  • Membership in the First Round Network (a curated and confidential community with events, guides, thousands of Q&A questions, and opportunities for 1-1 mentorship)