Director of Compliance and Legal, Life Science

About The Position

Requirements

• 7–15 years of experience in legal, compliance, or regulatory roles within healthcare, pharma, biotech, digital health, or life sciences services organizations. A mix of law firm and in-house experience is valued.
• JD from an accredited law school
• Significant experience negotiating enterprise commercial contracts with pharma and large healthcare organizations, including MSAs, BAAs, DPAs, and technology licensing agreements.
• Strong working knowledge of healthcare compliance frameworks including HIPAA, anti-kickback statute, false claims act, Sunshine Act, PhRMA Code, and state-level healthcare regulations.
• Direct experience engaging with pharma legal, compliance, procurement, and governance teams as part of enterprise sales or vendor qualification processes.
• Ability to build compliance programs and legal operations from early stages in environments where they don't yet fully exist.
• Comfort working in high-growth environments with limited structure and high expectations for ownership, judgment, and cross-functional collaboration.
• Exceptional written and verbal communication skills with the ability to make complex legal and regulatory concepts accessible to both customers and internal non-legal teams.

Nice To Haves

• Experience with digital health platforms, AI in healthcare, SaaS, or patient engagement technologies.
• Familiarity with GDPR, EU AI Act, and international data privacy and AI governance frameworks.
• Prior experience on the vendor or technology side selling into or deploying within large pharma organizations.
• Understanding of FDA-regulated software, medical device classification, or clinical trial regulations.
• Certified in Healthcare Compliance (CHC) or similar certification is a plus.
• Startup or early-stage company experience.
• Additional degree (MBA, MPH, MS) is a plus.

Responsibilities

• Lead all commercial contract negotiations with pharma partners and enterprise customers, including NDAs, master service agreements, BAAs, data processing agreements, statements of work, and licensing terms.
• Develop and maintain a contract playbook with standardized terms, pre-approved fallback positions, and escalation criteria that enable Sales to move efficiently through pharma procurement and legal review cycles.
• Serve as the primary legal point of contact for customer legal, procurement, and compliance teams during deal negotiations and ongoing account management.
• Provide responsive, commercially oriented legal guidance that helps close enterprise deals by resolving customer concerns around liability, indemnification, IP ownership, data rights, and regulatory obligations.
• Review and advise on partnership structures, channel agreements, reseller arrangements, and strategic collaborations with pharma and life sciences organizations.
• Manage outside counsel relationships and coordinate external legal support for specialized matters as needed.
• Build and operationalize a compliance program that meets the expectations of pharma and enterprise healthcare customers, covering healthcare regulations, anti-kickback, transparency reporting, promotional compliance, and industry codes of conduct.
• Develop customer-facing compliance documentation, certifications, and audit-readiness materials that pharma partners require during vendor qualification and ongoing governance reviews.
• Participate directly in customer compliance reviews, vendor assessments, and governance discussions — representing Hippocratic AI's compliance posture to pharma legal, compliance, and procurement stakeholders.
• Advise Sales and Customer Success teams on how to navigate customer compliance requirements, vendor onboarding processes, and governance frameworks at major pharma organizations.
• Maintain awareness of customer-side compliance expectations including PhRMA Code, OIG guidance, Sunshine Act, and state-level transparency and marketing regulations, and ensure the company's operations align accordingly.
• Establish compliance monitoring, training, and reporting processes that scale with the company's growing customer base and deployment footprint.
• Own the company's data privacy compliance strategy across HIPAA, GDPR, state privacy laws, and industry-specific requirements — with a focus on meeting the privacy and security expectations of pharma and medtech customers.
• Develop and maintain privacy policies, data processing frameworks, breach notification procedures, and cross-border data transfer mechanisms.
• Serve as the primary point of contact for customer privacy, security, and IT governance teams during sales processes, security questionnaires, and deployment reviews.
• Partner with Engineering and Product to ensure privacy-by-design principles are embedded in platform architecture and can be demonstrated credibly to customers.
• Monitor and interpret evolving regulations affecting AI in healthcare, including FDA AI/ML guidance, EU AI Act, and emerging state and federal legislation, and advise leadership and customer-facing teams on their implications.
• Partner with Medical Affairs to ensure the company's compliance posture addresses MLR requirements, non-promotional standards, and adverse event reporting obligations from a legal and regulatory perspective.
• Support customer-facing conversations where pharma regulatory, legal, and governance stakeholders require assurance of the company's regulatory positioning and compliance infrastructure.
• Develop frameworks and documentation that articulate the company's AI governance practices, model oversight, and responsible AI commitments in terms that satisfy pharma and enterprise compliance expectations.