Director of Compliance

We are seeking an experienced Director of Compliance to lead and oversee our compliance programs. This role is responsible for ensuring the organization’s technology systems, processes, and data handling practices meet healthcare regulations and standards, and ensures the organization adheres to regulatory requirements such as HIPAA, SOC2, PCI and HITECH.

The ideal candidate will have a deep understanding of healthcare compliance, data security, and regulatory requirements and will collaborate closely with senior leadership to foster a compliance-driven culture within the company.

Key Responsibilities:

• Develop, implement, and maintain compliance programs specific to healthcare IT, ensuring adherence to all applicable regulations, including HIPAA, HITECH, and other federal, state, and industry regulations.
• Lead the creation and enforcement of compliance policies and procedures related to data privacy, security, and regulatory adherence.
• Manage internal compliance audits, identify areas for improvement, and ensure timely corrective actions. Oversee investigations related to compliance violations, data breaches, or privacy concerns.
• Develop and enforce policies (I think HR/Janine is part of enforcement) related to data protection, privacy, and secure handling of electronic health records (EHRs) and other sensitive data.
• Foster a culture of compliance and data security awareness across the organization.
• Stay up-to-date with changes in healthcare regulations and standards. Prepare and submit necessary reports to regulatory agencies, and communicate regulatory updates to key stakeholders.
• Work with external partners, vendors, and third parties to ensure their compliance with healthcare standards and company policies. Conduct due diligence and regular assessments of vendor compliance practices.
• Respond to Security Assessment Questionnaires from Prospects and Customers

Qualifications:

• Bachelor’s degree in Healthcare Administration, Business, Law, Information Technology, or a related field.
• 8+ years of experience in compliance, preferably within the healthcare or healthcare IT sector, with at least 3-5 years in a leadership role.
• Experience with HITRUST audits
• Strong knowledge of healthcare compliance regulations (HIPAA, HITECH, CMS, FDA, etc.).
• Familiarity with healthcare IT systems, electronic health records (EHR), and data security best practices.
• Experience in risk assessment, internal auditing, and compliance software tools.
• CHC (Certified in Healthcare Compliance), CHPC (Certified in Healthcare Privacy Compliance), CIPP/US (Certified Information Privacy Professional), or similar certifications.
• Strong leadership, analytical, and problem-solving skills.
• Excellent communication abilities to interface effectively with technical and non-technical stakeholders.
• High ethical standards and a commitment to compliance and confidentiality.

• Competitive salary
• Great benefits package including medical, dental, vision, HSA & FSA plans
• 401(k)
• Generous PTO plan, plus 12 paid national holidays
• Fun, collaborative environment where the company is working to define the future of telemedicine
• Excellent opportunity for professional growth