Compliance Director

Minimum 10 years of health care compliance, privacy, and risk management experience. Experience in telehealth, behavioral health and/or addiction medicine settings. Deep knowledge and proven experience with HIPAA, state privacy laws, and healthcare regulatory compliance in multi-state environments. Experience leading incident response, internal audits, policy development, and regulatory-driven investigations. Strong leadership skills; ability to manage cross-functional teams, influence without direct authority, and drive culture change. Excellent communication skills—written, verbal; able to deliver training, to work with executive leadership and with staff at all levels. Strong analytical skills; comfort with interpreting complex regulatory requirements and translating them into practical operational policies. High integrity, ethical mindset, attention to detail, ability to maintain composure under pressure.

Develop, maintain, and enhance compliance policies, procedures, and controls for telehealth-based addiction treatment services. Manage national accreditation and state behavioral health certification program compliance. Serve as the designated Privacy Officer and oversee compliance with HIPAA, 42 CFR Part 2, and applicable state privacy laws. Conduct privacy & compliance risk assessments, internal audits, and gap analyses. Manage incident response: oversee investigations of privacy or compliance breaches, coordinate response, notification, and remediation. Lead training & awareness programs for staff on privacy, security, and regulatory compliance topics. Monitor regulatory landscape and advise leadership. Support compliance with contractual obligations related to privacy, consent, data use and sharing. Serve as liaison to external regulators or auditors. Maintain metrics, dashboards, and reporting on compliance/privacy performance. Lead or participate in internal compliance committees. Demonstrate knowledge of ethical standards, professional codes, and applicable laws. Uphold and model organizational policies and professional codes of ethics. Promote ethical, patient-centered decision-making. Collaborate with colleagues to develop and progress organizational policies and procedures. Communicate policies, procedures, and organizational culture effectively to new employees and colleagues. Foster a culture of professionalism, transparency, and accountability.