We are representing rapidly expanding ‘Y Combinator’ startup healthcare technology company in their search for a Compliance & Privacy Officer.
Why Join Us:
- Company built around serving healthcare systems and government bodies that benefit the most vulnerable populations across the US
- Hands on opportunity to create and implement compliance strategy with the freedom to innovate
- Agile startup culture with significant company and personal growth potential including equity
Expectations first 12 months:
- Identify key areas of compliance program improvement, initiate strategy and implementation of a streamlined and uniform enterprise wide program
- Spearhead the development, communication, implementation and oversight of an effective operational compliance program
Responsibilities:
- Reporting to the General Counsel and responsible for continuing implementation and oversight of compliance and privacy programs, allowing internal and external stakeholders to be confident in the security and privacy of applications and handling of data
- Working closely with legal, engineering and product teams regarding compliance and privacy program expectations and requirements; defining milestones and success criteria, resource allocation and successful on-time delivery
- Review and implement procedures, policies and systems to help guide our overall security and privacy policies and governance architecture
- Ensure compliance with internal policies in accordance with relevant legal and regulatory requirements, including local (e.g. CCPA) and national (e.g. HIPAA)
- Prepare compliance audit data and manage external assessors through the lifecycle of assessments (e.g. SOC 1/SOC 2, HIPAA)
- Oversee compliance training and communications programs, ensuring buy in and continuing employee education
- Conduct organizational risk assessments and ensure execution of improvement actions
- Perform pre- and post-implementation audits of significant system implementations
- Perform technical reviews of new and current technology vendors
- Support customer and internal requests related to information privacy and security
Requirements:
- Essential Education: Bachelor’s degree
- Compliance Experience: You must bring a minimum of five years of compliance and privacy experience, ideally from a healthcare technology and/or startup background
- Demonstrable experience in multiple compliance/audit frameworks, supporting various types of assurance, e.g. SOC 1/SOC 2 (SSAE18), HIPAA, HITRUST, and NIST CS, etc.
Application Process for Compliance & Privacy Officer:
Qualified professionals are to submit resume to Steve Harrison: steve@conselium.com
Published by Conselium Executive Search, the global leader in compliance search.
