Head of Enterprise Compliance & Privacy

Thyme Care Thyme Care · Healthcare · Nashville, TN · Remote · Legal & Compliance

This role is for a Head of Enterprise Compliance & Privacy at Thyme Care, a healthcare company focused on cancer care. The role involves leading and scaling compliance and privacy programs, advising the executive team, and ensuring adherence to regulations like HIPAA. While the company uses AI and technology, this specific role is focused on compliance and privacy, not on building or developing AI/ML models or systems.

What you'd actually do

  1. Reporting to and working alongside the Chief Legal Officer, and lead enterprise compliance and strategy at a rapidly growing, mission-obsessed organization
  2. Advise executive team and embed compliance into key decisions and expansion efforts
  3. Build and scale compliance and privacy programs across organization, including clinical operations, telehealth programs, payer and provider partnerships, and new strategic initiatives
  4. Scale and audit compliance and privacy programs through monitoring, investigations, remediation, and data-driven insights
  5. Serve as the face and voice of compliance at an organization that understands compliance is everyone’s responsibility

Skills

Required

  • Healthcare compliance leadership
  • Enterprise compliance strategy
  • HIPAA
  • TEFCA
  • Medicare
  • Fraud, waste, and abuse regulations
  • Telehealth regulations
  • Multi-state care models
  • Executive presence
  • C-suite stakeholder influence
  • Risk management
  • Audit and risk functions
  • Regulatory audits
  • Payer compliance
  • External stakeholder engagement
  • Building and scaling teams

Nice to have

  • Experience in high-growth, technology-enabled healthcare organizations
  • Advanced degree or certification (JD, MPH, MBA, or CHC)

What the JD emphasized

  • 10+ years of healthcare compliance leadership with enterprise ownership in complex, regulated environments
  • Deep expertise in federal and state regulations including HIPAA, TEFCA, Medicare, and fraud, waste, and abuse, with experience in telehealth and multi-state care models
  • Significant experience with regulatory audits, payer compliance, and external stakeholder engagement