Senior Compliance and Privacy Manager (Remote - US Based)
Posted on Saturday, August 19, 2023
Join us to Improve Health Equity for 5 Million People!
CareMessage is the Health Equity engine of the United States. Our mission is to leverage technology to improve health equity for people from low socioeconomic backgrounds, with a core focus on the safety-net organizations that serve them best: federally qualified health centers (FQHCs), free and charitable clinics, Indian Health Service (IHS) health facilities and Native American-focused health centers. The CareMessage platform allows healthcare organizations to communicate with patients at scale, prompting patients to action via technology-enabled solutions designed to increase access to care, improve clinical outcomes and address social drivers of health.
Nationally, CareMessage is proud to work with over 400 customers in 43 states. Since 2013, safety-net organizations have leveraged CareMessage to reach over 17 million low-income patients with over 350 million text messages.
Founded in 2012 at Stanford University, CareMessage has raised over $35 million from Google.org, William K. Bowes Jr. Foundation, Pershing Square Foundation, Y Combinator, Schmidt Futures, Twilio.org, Direct Relief, Biogen, and many more.
Reporting to the VP of Engineering (who also serves as CISO and Chief Compliance Officer (CO)) and working closely with the COO, our Senior Compliance and Privacy Manager will play a key role in advising and overseeing compliance at CareMessage.
This individual will be responsible for creating and reviewing policies and documents that impact our compliance standing, auditing our processes, and assisting with maintaining and improving our posture with regard to regulations impacting CareMessage. Due to the current nature of our business, these are primarily related to Healthcare (HIPAA) and Messaging (A2P10DLC/TCPA/STIR/SHAKEN). This individual will be the Subject Matter Expert (SME) on all things Compliance, will help guide our decision-making, and will partner with other leaders to direct company-wide initiatives and projects to different departments to improve and maintain a high standard of compliance while continuing to drive innovation.
The ideal candidate is a proactive individual with a passion for continuous learning, ready to get hands-on and thrive in a dynamic, product-led technical setting. We seek someone adept at providing regulatory compliance guidance, researching and staying abreast of emerging regulations, and auditing our process to confirm compliance with stated practices. Our ideal candidate embraces challenges posed by new and emerging technologies, demonstrating adaptability and a commitment to ongoing personal development.
Long-term, they would have the opportunity to grow into an external advocate, working with industry groups, agencies, legislatures, and other critical stakeholders to draft or influence policies that impact underserved populations in our nation and further our mission of increasing health care equity.
- Possess comprehensive understanding of and remain current on key compliance mandates and legislation related to Voice/SMS messaging, Privacy, and Healthcare, including but not limited to: HIPAA, TCPA, STIR/SHAKEN, and other state-mandated Privacy Acts such as CCPA, VCDPA, etc.
- Demonstrated experience with Project and/or Program Management in a cross-functional capacity
- Proven familiarity with contractual terms, language, and implementation
- Highly organized and detail-oriented, with strong emphasis on thoroughness
- Strong interpersonal skills with ability to interact and build rapport with executive-level external clients and internal stakeholders
- Exceptional written and oral communication skills
- Ability to identify and manage priorities
- Capable of multi-tasking and working independently
- Positive attitude and team player
- Expert proficiency in Microsoft Office and Google Suite
- You have experience working remotely
- You have a commitment to supporting and fostering diversity and inclusion within the teams you have worked with (We have a global team and you will regularly collaborate with people from a variety of walks of life)
- Legal background
- Experience working closely with Product Development functions (Product/Engineering)
- Experience working in the B2B SaaS space
- Draft, edit, review and interpret Contracts, Policies, Business Associate Agreements, Terms of Service, and other similar contractual documents, through the lens of compliance considerations and mandates
- Remain up-to-date on new regulations in our space that have ramifications for our product, business, and/or customers and their patients
- Review and assist with the selection and implementation of related compliance training resources for workforce
- Lead initiatives that increase our team’s awareness of and responsiveness to compliance requirements including internal training, audits, etc.
- Advise on investigations and risk assessments of potential privacy breaches, if needed (rare)
- Conduct compliance risk analyses and make recommendations and decisions to best protect the company
- Develop relationships with external SMEs, industry groups, and legal counsel as it pertains to compliance related topics
- Participate in synchronous and asynchronous product discussions to advise on compliance-related implications
- Draft internal and external facing communications to help our team and our customers remain aware and compliant with all regulations
- Be an advocate for compliance within the company
- Build and maintain strong relationships with peers and stakeholders
Within 1 Month you'll
- Gain a foundational understanding of our business, customers and patients
- Meet all key internal stakeholders and begin to understand and assess our Compliance policies and protocols
- Establish meetings and connection points with key external stakeholders
Within 3 Months you'll
- Perform a gap assessment of Compliance policies and protocols and work with CO and COO to develop roadmap of preliminary findings
- Create systems for maintaining awareness of and communicating key industry updates regarding relevant compliance changes
- Take over responsibility for Compliance responsibilities covered (or not covered) by other team members
Within 6 Months you'll
- Display strong leadership in the area of compliance having established strong rapport with all internal and external stakeholders
- Own the review of all contracts, agreements and documents with compliance related impact
- Establish a clear process and cadence with Product, Engineering, Operations and other relevant functions to maintain an ongoing adherence to all related compliance topics
Working at CareMessage
We take care of our employees by offering competitive salaries and benefits packages. We ensure our team feels cared for so that we, in turn, can help support our safety net organizations and underserved populations.
We compensate fairly and equitably
Flexible work hours; fully remote team
We believe in equal work for equal pay: all team members performing the same role at the same level are paid similarly, regardless of where they are in the world
Paid parental leave for biological and adopted children
We give you time off to thrive
Half-day Fridays, every Friday
18 paid company holidays, including a one week mid-year and one week end-of-year break
9 wellness days to be used for self-care, or anything that comes up in life
15 days of PTO
1-month (20 working days) paid sabbatical after the 4-year anniversary, and every 4 years thereafter
We support your health, wellness, and growth
Generous medical, dental, and vision insurance for employees and their families
Health Savings Accounts and Flexible Spending Accounts
401k retirement plan
Short & long-term disability insurance
$100 per employee yearly wellness budget, with flexibility to spend on physical, emotional, and mental wellness resources
PerkSpot: Instant access to discounts on products & services from hundreds of vendors
Annual budget for professional and personal development (webinars, online courses, books, and more)
Volunteerism incorporated in onboarding and encouraged on an ongoing basis