Compliance Manager

Role Overview

• Develop, implement, and maintain the company’s enterprise compliance program, including policies, procedures, and internal controls aligned with healthcare regulatory standards.
• Serve as the organization’s Privacy Officer, monitoring adherence to applicable federal and state healthcare regulations.
• Establish and maintain a compliance monitoring and auditing program to proactively identify risks and ensure operational compliance.
• Conduct internal audits and compliance reviews.
• Lead payer audit preparation and response support.
• Manage HIPAA Security Risk Assessments and remediation efforts, internally or through vendors.
• Identify and mitigate regulatory risk before it becomes operational or financial exposure.
• Ensure compliance with key healthcare regulations including HIPAA, HITECH, state licensing requirements, telehealth regulations, and payer compliance obligations.
• Monitor regulatory changes across the healthcare landscape and translate requirements into operational policies and procedures.
• Support clinical and operational teams in maintaining compliance with documentation, privacy, and care delivery requirements.
• Oversee compliance for telehealth.
• Ensure compliance with HIPAA Privacy and Security, Anti-Kickback Statute, Stark Law, CMS rules, and state regulations.
• Review clinical workflows, documentation standards, and care team roles for regulatory alignment.
• Evaluate new service lines, partnerships, and initiatives for compliance and reimbursement risk.
• Ensuring proper operating procedures are in place for compliance relating to employee onboarding and client admissions, clinical documentation, treatment, and discharge.
• Partner with IT and Security teams to oversee HIPAA privacy and security compliance, including policies governing PHI, access controls, and incident response.
• Lead internal investigations related to potential privacy or compliance violations and coordinate remediation efforts.
• Conduct periodic compliance risk assessments and internal audits across clinical, operational, and technical systems.
• Develop corrective action plans when gaps are identified and ensure timely resolution.
• Prepare the organization for regulatory reviews, audits, and accreditation processes when applicable.
• Conducts bench testing/auditing of business activities to confirm that compliance controls are operating effectively.
• Leverages data analytics and investigative techniques to identify compliance trends, assess risks, and share actionable insights with key stakeholders.
• Assist to ensure that ongoing regulatory and accreditation requirements such as internal inspections, written assessments, and emergency drills are completed on time.
• Work closely with Legal, HR, Clinical Leadership, IT, Security, and Operations to integrate compliance practices into day-to-day workflows.
• Support vendor and partner compliance reviews, including due diligence related to data privacy and regulatory obligations.
• Review marketing, patient communications, and external materials for compliance risk.
• Advise leadership on MSO and medical group structural compliance and contracting considerations.
• Monitor regulatory changes and brief leadership on impact and required actions.
• Ensure each office in assigned state(s) are operating within company policy, state licensing regulations and The Joint Commission Standards.
• Ensure that all staff in assigned state(s) are onboarded within company policy, state licensing regulations and The Joint Commission Standards.
• Obtain initial facility licenses for Mental Health and Substance Use Disorder Outpatient Treatment.
• Host and organize site visits/surveys/inspections; travel required.
• Maintain office space compliance for the assigned state(s).

Requirements

• 5+ years of experience in healthcare compliance, healthcare operations, or regulatory risk management, ideally in multi-state or growth environments
• Experience supporting medical groups, MSOs, telehealth models, or behavioral health care delivery
• Strong knowledge of HIPAA, healthcare regulatory frameworks, and privacy/security requirements.
• Experience building or managing a compliance program within a healthcare organization or healthcare technology company.
• Familiarity with IT compliance frameworks such as SOC 2, HITRUST, NIST, or similar regulatory/security standards.
• Ability to interpret complex regulatory requirements and translate them into practical operational policies and processes.
• Demonstrated ability to work cross-functionally with legal, clinical, and technical teams.
• Preferred Experience in behavioral health, telehealth, or digital health environments.
• Professional certifications such as CHC (Certified in Healthcare Compliance) or CHPC, strongly preferred
• Experience supporting organizations operating across multiple states and payer environments.

Benefits

• Competitive compensation package
• Full benefits including health, dental, vision, 401(k), and paid time off
• Opportunity to join a purpose-driven, high-growth leadership team at a pivotal moment in behavioral healthcare transformation
• Professional development opportunities and training
• Collaborative and supportive work culture.