Compliance and Privacy Manager

CareMessage

We work half-day Fridays to support work-life balance.

Only considering candidates eligible to work in the USA ⚠️

Join us to Improve Health Equity for 5 Million People!

CareMessage is the Health Equity engine of the United States. Our mission is to leverage technology to improve health equity for people from low socioeconomic backgrounds, with a core focus on the safety-net organizations that serve them best: federally qualified health centers (FQHCs), free and charitable clinics, Indian Health Service (IHS) health facilities and Native American-focused health centers. The CareMessage platform allows healthcare organizations to communicate with patients at scale, prompting patients to action via technology-enabled solutions designed to increase access to care, improve clinical outcomes and address social drivers of health.

Nationally, CareMessage is proud to work with over 400 customers in 43 states. Since 2013, safety-net organizations have leveraged CareMessage to reach over 17 million low-income patients with over 350 million text messages.

Founded in 2012 at Stanford University, CareMessage has raised over $35 million from Google.org, William K. Bowes Jr. Foundation, Pershing Square Foundation, Y Combinator, Schmidt Futures, Twilio.org, Direct Relief, Biogen, and many more.

Reporting to the Senior Director of Finance and working closely with the VP of Engineering (who also serves as CISO and Chief Compliance Officer (CO)), our Senior Compliance and Privacy Manager will play a key role in advising and overseeing compliance at CareMessage.

This individual will be responsible for creating and reviewing policies and documents that impact our compliance standing, auditing our processes, and assisting with maintaining and improving our posture with regard to regulations impacting CareMessage. Due to the current nature of our business, these are primarily related to Healthcare (HIPAA) and Messaging (A2P 10DLC, TCPA, STIR/SHAKEN). This individual will be the Subject Matter Expert (SME) on all things Compliance, help guide our decision making, and partner with other leaders to direct company-wide initiatives and projects to different departments to improve and maintain a high standard of compliance while continuing to drive innovation.

The ideal candidate is a proactive individual with a passion for continuous learning, and is ready to get hands-on and thrive in a dynamic, product-led technical setting. We seek someone adept at providing regulatory compliance guidance, researching and staying abreast of emerging regulations, and auditing our processes to confirm compliance with stated practices. Our ideal candidate embraces challenges posed by new and emerging technologies, demonstrating adaptability and a commitment to ongoing personal development.

Long-term, they would have the opportunity to grow into an external advocate, working with industry groups, agencies, legislatures, and other critical stakeholders to draft or influence policies that impact underserved populations in our nation and further our mission of increasing health care equity.

Requirements

  • Possess a comprehensive understanding of, and remain current on, key compliance mandates and legislation related to Voice/SMS messaging, Privacy, and Healthcare, including but not limited to: HIPAA, TCPA, STIR/SHAKEN, and other state-mandated Privacy Acts such as CCPA, VCDPA, etc.
  • Demonstrated experience with Project and/or Program Management in a cross-functional capacity
  • Proven familiarity with contractual terms, language, and implementation
  • Highly organized and detail-oriented, with strong emphasis on thoroughness
  • Strong interpersonal skills with ability to interact and build rapport with executive-level external clients and internal stakeholders
  • Exceptional written and oral communication skills
  • Ability to identify and manage priorities
  • Capable of multi-tasking and working independently
  • Positive attitude and team player
  • Expert proficiency in Microsoft Office and Google Suite
  • You have experience working remotely
  • You have a commitment to supporting and fostering diversity and inclusion within the teams you have worked with (We have a global team and you will regularly collaborate with people from a variety of walks of life)

Preferred Experience

  • Legal background
  • Experience working closely with Product Development functions (Product/Engineering)
  • Experience working in the B2B SaaS space

Job Responsibilities

  • Draft, edit, review and interpret Contracts, Policies, Business Associate Agreements, Terms of Service, and other similar contractual documents, through the lens of compliance considerations and mandates
  • Remain up-to-date on new regulations in our space that have ramifications for our product, business, and/or customers and their patients
  • Review and assist with the selection and implementation of related compliance training resources for workforce
  • Lead initiatives that increase our team’s awareness of and responsiveness to compliance requirements including internal training, audits, etc.
  • Advise on investigations and risk assessments of potential privacy breaches, if needed (rare)
  • Conduct compliance risk analyses and make recommendations and decisions to best protect the organization
  • Develop relationships with external SMEs, industry groups, and legal counsel as it pertains to compliance-related topics
  • Participate in synchronous and asynchronous product discussions to advise on compliance-related implications
  • Draft internal and external-facing communications to help our team and our customers remain aware of and compliant with all regulations
  • Be an advocate for compliance within the company
  • Build and maintain strong relationships with peers and stakeholders

Within 1 Month you'll

  • Gain a foundational understanding of our business, customers and patients
  • Meet all key internal stakeholders and begin to understand and assess our Compliance policies and protocols
  • Establish meetings and connection points with key external stakeholders

Within 3 Months you'll

  • Perform a gap assessment of Compliance policies and protocols and work with the CO and Senior Director of Finance to develop a roadmap of preliminary findings
  • Create systems for maintaining awareness of and communicating key industry updates regarding relevant compliance changes
  • Take over Compliance responsibilities covered (or not covered) by other team members

Within 6 Months you'll

  • Display strong leadership in the area of compliance, having established strong rapport with all internal and external stakeholders
  • Own the review of all contracts, agreements and documents with compliance-related impact
  • Establish a clear process and cadence with Product, Engineering, Operations and other relevant functions to maintain ongoing adherence to all related compliance topics

$145,000 - $169,500 a year

Compensation Details

For this position we are considering candidates at two different levels. For those more mid-career at what we would classify as the L2 level, it's likely that they have held one or more legal and/or compliance-related roles with relevant industry experience. We are also considering candidates at the later career L3 level, and would expect such candidates to have held multiple legal and compliance-related roles for several years in the Healthcare and/or Messaging spaces, and to be extremely proficient in their craft and able to both lead a function as well as do the work directly.

During the interview process we will determine the candidate's leveling based on experience and interview results. Our salary allocation for the L2 role is $145,000/year. The salary for the L3 role is $169,500/year. Due to the nature of this role, this position is open to USA-based applicants only.

Note: If you don’t fit this description perfectly (in particular, if you come from an under-represented group), but you would consider yourself Mid-career, Senior or Director Level Compliance Specialist, Counsel, or Manager, please apply!

We believe in equal work for equal pay. All team members performing the same role at the same level are paid the same regardless of where they are in the world.

Working at CareMessage

We take care of our employees by offering competitive salaries and benefits packages. We ensure our team feels cared for so that we, in turn, can help support our safety net organizations and underserved populations.

We compensate fairly and equitably

Flexible work hours; fully remote team

We believe in equal work for equal pay: all team members performing the same role at the same level are paid similarly, regardless of where they are in the world

Paid parental leave for biological and adopted children

We give you time off to thrive

Half-day Fridays, every Friday

18 paid company holidays, including a one week mid-year and one week end-of-year break

9 wellness days to be used for self-care or anything that comes up in life

15 days of PTO

1-month (20 working days) paid sabbatical after the 4-year anniversary, and every 4 years thereafter

We support your health, wellness, and growth

Generous medical, dental, and vision insurance for employees and their families

Health Savings Accounts and Flexible Spending Accounts

401k retirement plan

Short & long-term disability insurance

$100 per employee yearly wellness budget, with flexibility to spend on physical, emotional, and mental wellness resources

PerkSpot: Instant access to discounts on products & services from hundreds of vendors

Annual budget for professional and personal development (webinars, online courses, books, and more)

Volunteerism incorporated in onboarding and encouraged on an ongoing basis

CareMessage (caremessage.org)

A nonprofit leveraging technology to improve health equity for underserved populations in the US.

Working Week

We work half-day Fridays to support work-life balance.

Our Vacation Policy

We offer 15 days of PTO, 18 paid company holidays, and additional wellness days. Our generous vacation policy includes half-day Fridays and comprehensive holiday breaks.

Remote Working Policy

We work 100% remotely, with team members working from locations that best suit their lifestyles, including internationally.

Company Benefits

  • Health insurance
  • Transparent Salaries
  • Generous parental leave
  • Dental care
  • Equipment allowance
  • Professional Development Budget
  • Opportunities for Sabbaticals

Desirable Skills and Experience

  • Microsoft Office
  • Google Suite
  • Voice/SMS messaging
  • HIPAA knowledge
  • TCPA knowledge
  • STIR/SHAKEN knowledge
  • Project Management
  • Program Management
  • Contractual terms
  • Detail-oriented
  • Interpersonal skills
  • Communication skills
  • Prioritization
  • Remote working
  • Diversity and Inclusion
  • Legal background
  • Product Development
  • B2B SaaS experience
