Role Summary

The Compliance & Data Officer is responsible for ensuring regulatory compliance, data governance and information security across the Synth product portfolio. This role establishes policies, safeguards data integrity and ensures adherence to legal, contractual and internal governance standards.

The position acts as the custodian of compliance frameworks, privacy protection and data lifecycle management while supporting secure product delivery and operational excellence.

Core Ownership

• Regulatory compliance and policy enforcement

• Data governance and privacy frameworks

• Information security oversight

• Access control governance

• Audit readiness and documentation

• Risk assessment and mitigation

• Compliance reporting and incident handling

• Data lifecycle and retention standards

Key Responsibilities

Compliance Governance

• Define and maintain compliance policies and procedures

• Ensure adherence to healthcare and education regulations

• Maintain audit-ready documentation and controls

• Monitor compliance risks and corrective actions

• Coordinate internal and external audits

• Track regulatory changes and adapt policies

• Investigate compliance incidents and breaches

• Establish escalation protocols

Data Governance & Security

• Define data ownership and access frameworks

• Oversee data privacy and protection standards

• Ensure secure handling of sensitive information

• Implement data classification and retention policies

• Review system access controls and permissions

• Monitor data integrity and usage

• Coordinate with DevOps and engineering on security

• Drive incident response and reporting

Organizational Oversight

• Train teams on compliance and data policies

• Promote a culture of governance and accountability

• Maintain compliance dashboards and reporting

• Partner with product and delivery leadership

• Advise leadership on risk exposure

Required Skills

• Strong understanding of compliance frameworks

• Knowledge of data privacy and security principles

• Policy design and governance experience

• Risk management and audit readiness

• Access control and data lifecycle expertise

• Analytical and documentation strength

• Strong cross-functional communication

• High integrity and decision accountability

Preferred Skills

• Experience in healthcare or regulated industries

• Familiarity with ISO, NABH, ABDM, NBA, CMM, HIPAA-like frameworks

• Cloud security awareness

• Enterprise software governance exposure

Experience

• 8+ years in compliance, governance or data security

• Experience in enterprise software environments

Success Metrics

• Audit readiness and compliance score

• Zero major compliance breaches

• Data incident response time

• Policy adoption across teams

• Risk mitigation effectiveness

• Access governance accuracy

• Documentation completeness

• Regulatory adherence consistency