Roles and Responsibilities Matrix
This page clarifies who owns what at Timeless Biotech. We use a RACI-style matrix to avoid confusion about decision-making authority and implementation responsibility.
Legend:
- R = Responsible (does the work)
- A = Accountable (final authority, decision maker)
- C = Consulted (provides input)
- I = Informed (told of decisions)
Team Key:
- CEO = Founder/CEO
- TL = Founding Technical Lead
- MLS = Founding Machine Learning Scientist
- CL = Commercial Lead
| Activity |
CEO |
TL |
MLS |
CL |
| AWS infrastructure setup |
I |
A,R |
C |
- |
| Database administration |
I |
A,R |
C |
- |
| Backups & disaster recovery |
I |
A,R |
- |
- |
| Security patching |
I |
A,R |
- |
- |
| Infrastructure costs |
A |
R |
- |
C |
| Scaling decisions (cost impact) |
A |
R,C |
C |
C |
| VPC & network design |
I |
A,R |
- |
- |
| Monitoring & alerts |
I |
A,R |
- |
- |
| Incident response |
I |
A,R |
C |
C |
Security & Compliance
| Activity |
CEO |
TL |
MLS |
CL |
| HIPAA policy implementation |
A |
R |
C |
C |
| Data encryption (at-rest, in-transit) |
I |
A,R |
- |
- |
| Access controls & authentication |
I |
A,R |
C |
- |
| Audit logging |
I |
A,R |
- |
- |
| De-identification pipeline |
I |
R,C |
A,R |
- |
| Security training |
I |
R |
R |
R |
| Incident response (data breach) |
A |
R |
C |
C |
| Compliance audits |
A |
R,C |
C |
C |
| Vendor security review |
A |
R,C |
- |
C |
| Password & MFA policy |
I |
A,R |
- |
- |
Product & Features
| Activity |
CEO |
TL |
MLS |
CL |
| Product vision & strategy |
A |
C |
C |
C |
| Feature prioritization |
A |
C |
C |
C |
| Clinical data model |
I |
C |
A,R |
C |
| Data collection form design |
I |
C |
A,R |
C |
| API design & contracts |
I |
A,R |
C |
- |
| UI/UX implementation |
I |
A,R |
C |
C |
| Feature testing & QA |
I |
A,R |
C |
- |
| Clinical validation |
I |
C |
A,R |
- |
| Provider feedback integration |
C |
C |
C |
A,R |
| Release planning |
A |
A,R |
C |
I |
Data Science & ML
| Activity |
CEO |
TL |
MLS |
CL |
| ML model development |
I |
C |
A,R |
- |
| Data pipeline design |
I |
R,C |
A,R |
- |
| Data quality standards |
I |
C |
A,R |
- |
| Analytics & reporting |
I |
C |
A,R |
C |
| Research methodology |
I |
- |
A,R |
- |
| Research partnerships |
C |
- |
A,R |
C |
| IRB submissions |
I |
- |
A,R |
- |
| Publications |
C |
- |
A,R |
- |
| Data access policies |
A |
R,C |
R,C |
- |
| Data retention policies |
A |
R |
C |
- |
Commercial & Operations
| Activity |
CEO |
TL |
MLS |
CL |
| Clinic acquisition |
A |
- |
- |
R |
| Clinic onboarding |
I |
C |
C |
A,R |
| Provider relationships |
C |
- |
C |
A,R |
| Contract negotiation |
A |
- |
- |
R |
| Go-to-market strategy |
A |
- |
C |
R |
| Provider support (non-technical) |
- |
- |
- |
A,R |
| Provider support (technical) |
- |
A,R |
- |
C |
| Training materials |
I |
C |
C |
A,R |
| Customer communication |
C |
- |
- |
A,R |
Development & Code
| Activity |
CEO |
TL |
MLS |
CL |
| Code quality standards |
- |
A,R |
C |
- |
| Code review |
- |
A,R |
C |
- |
| Testing strategy |
- |
A,R |
- |
- |
| Deployment process |
I |
A,R |
- |
C |
| Rollback decisions |
- |
A,R |
- |
- |
| Technical debt management |
- |
A,R |
- |
- |
| Tooling & framework choices |
- |
A,R |
C |
- |
| Performance optimization |
- |
A,R |
C |
- |
| CI/CD pipeline |
- |
A,R |
- |
- |
Budget & Strategy
| Activity |
CEO |
TL |
MLS |
CL |
| Fundraising |
A,R |
C |
C |
C |
| AWS budget |
A |
R |
C |
- |
| Tool/software purchases |
A |
R,C |
C |
C |
| Hiring decisions |
A |
C |
C |
C |
| Team structure |
A |
C |
C |
C |
| Revenue forecasting |
A |
- |
- |
R |
| Capital allocation |
A |
- |
- |
- |
Key Decision Points
Major Features
- Decision owner: Founder/CEO (with input from all leads)
- Process: Roadmap sync (weekly), quarterly planning
- Communication: Discussed in weekly leads meeting
Infrastructure Scaling
- Decision owner: Founding Technical Lead (CEO if cost exceeds $500/mo increase)
- Process: Capacity planning, cost justification
- Communication: CEO approval for significant cost changes
New Clinic Partnerships
- Decision owner: Commercial Lead (CEO for strategic partnerships)
- Process: Requirements assessment, data needs review with ML Scientist
- Communication: Leads meeting
Incident Response
- Decision owner: Founding Technical Lead
- Process: Assess severity, coordinate response, post-mortem
- Communication: Real-time updates, post-mortem shared with all leads
Policy Changes
- Decision owner: Depends on domain
- Security/infrastructure: Founding Technical Lead
- Data/clinical: Founding ML Scientist
- Commercial: Commercial Lead
- Company-wide: Founder/CEO
- Process: Proposal, feedback from relevant leads, documentation
- Communication: Updated in this playbook
When Roles Conflict
If there's disagreement about who should own something:
- Check this matrix: Start here
- Discuss with the relevant lead: Clarify ownership
- Escalate to the Founder/CEO: Final call on any disputes
- Document the decision: Update this matrix
At our size, most decisions happen through quick conversations. This matrix exists to provide clarity when needed, not to create bureaucracy.
Last updated: February 2026