Director, Compliance

Claritas Rx
$180,000 - $220,000Remote

About The Position

Reporting to the Chief Financial Officer (CFO), the Director of Compliance is the hands-on owner and administrator of the Claritas Rx compliance program. We are seeking a proactive person who surfaces information early, flags risk before it becomes urgent and arrives with clear recommendations. The focus will be on building, enforcing, and reporting on compliance across the business, with privacy as a strong advisory component. Just as important, this person frames security and privacy considerations in business terms so leadership can weigh real tradeoffs and make well-informed decisions.

Requirements

  • Proactive operator: you surface issues and risks early and come with a clear, actionable recommendation rather than waiting to be asked.
  • Strong business acumen: you frame compliance, privacy, and security tradeoffs in business terms; opportunity cost, revenue impact, and client trust, so leadership can make informed decisions.
  • 7+ years in compliance, privacy, or commercial regulatory roles, with in-house experience at a biopharma or pharma-services company strongly preferred.
  • Expert knowledge of HIPAA, SOC 2, and CCPA/CPRA; working familiarity with GDPR and relevant pharma industry codes/guidelines.
  • Demonstrated ownership of SOC 2 attestations and customer security/IT assessments.
  • Experience owning BAAs and Third-Party/Data Use Agreements—review, approval, and process design.
  • Sound, practical judgment interpreting and applying laws, regulations, industry codes, and company policy.
  • Comfortable and credible in customer- and partner-facing settings; able to advise, counsel, and build consensus across all levels, including executive leadership.
  • High level of integrity and trust, with discretion to handle investigations and sensitive matters confidentially.
  • Strong analytical skills, attention to detail, and project-management ability in a fast-paced, dynamic environment.
  • Excellent writing skills; a confident, polished communicator.
  • Bachelor’s degree required.

Nice To Haves

  • Direct experience in specialty pharmacy, biopharma, or life-sciences data environments (e.g., manufacturer, specialty pharmacy, hub, or data-vendor settings).
  • Experience advising on privacy and security within a product or data-platform context.
  • Familiarity with HITRUST and broader information-security frameworks.
  • Relevant certifications (e.g., CHC, CHPC, CIPP/US).

Responsibilities

  • Own the Claritas Rx compliance program end to end; policymaking, enforcement, monitoring, reporting, and tracking, across all applicable federal, state, and local regulations governing the Company’s practices.
  • Maintain the compliance policy and procedure library and drive consistent enforcement across employees, agents, and contractors.
  • Manage and further develop the internal risk-assessment program; report compliance and operational risk to leadership with clear, prioritized recommendations.
  • Coordinate, conduct, and report audit and investigative activities; lead compliance-related interactions with outside advisors (legal, regulatory, auditors, consultants).
  • Nurture and foster a culture of compliance and ethics across the Company.
  • Fully own the maintenance of the Company’s SOC 2 attestation, customer and partner IT/security assessments, and related certifications; partnering with Engineering/IT, who own technical implementation.
  • Serve as a customer- and partner-facing point of contact for compliance and data-sharing questions.
  • Lead impact assessments of data-sharing arrangements and compliance issues that affect customers and partners, translating them into practical guidance and recommendations.
  • Serve as the internal resource to customer- and partner-facing teams, training and enabling them on data-sharing issues and requirements so they can handle routine questions with confidence.
  • Own the policies, review/approval workflow, and contracts database for all Business Associate Agreements (BAAs) and Third-Party / Data Use Agreements (DUAs).
  • Advise the business on the protection of both internal sensitive data and customer/patient PHI/PII across all media.
  • Articulate privacy policies and apply sound business judgment—moving beyond binary, true/false determinations to risk-weighted recommendations leadership can act on.
  • Own HIPAA and applicable state breach determination and notification processes.
  • Other duties or projects as assigned.

Benefits

  • flexible work environment
  • unlimited PTO
  • stock options
  • competitive salary
  • benefits package
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service