Headlight

Compliance Manager

Full-time

Location Type: Hybrid

Location: Salt Lake City, Utah, United States

Salary

$90,000 - $110,000 per year

About the role

  • Develop, implement, and maintain the company’s enterprise compliance program, including policies, procedures, and internal controls aligned with healthcare regulatory standards.
  • Serve as the organization’s Privacy Officer, monitoring adherence to applicable federal and state healthcare regulations.
  • Establish and maintain a compliance monitoring and auditing program to proactively identify risks and ensure operational compliance.
  • Conduct internal audits and compliance reviews.
  • Lead payer audit preparation and response support.
  • Manage HIPAA Security Risk Assessments and remediation efforts, internally or through vendors.
  • Identify and mitigate regulatory risk before it becomes operational or financial exposure.
  • Ensure compliance with key healthcare regulations including HIPAA, HITECH, state licensing requirements, telehealth regulations, and payer compliance obligations.
  • Monitor regulatory changes across the healthcare landscape and translate requirements into operational policies and procedures.
  • Support clinical and operational teams in maintaining compliance with documentation, privacy, and care delivery requirements.
  • Oversee compliance for telehealth.
  • Ensure compliance with HIPAA Privacy and Security, Anti-Kickback Statute, Stark Law, CMS rules, and state regulations.
  • Review clinical workflows, documentation standards, and care team roles for regulatory alignment.
  • Evaluate new service lines, partnerships, and initiatives for compliance and reimbursement risk.
  • Ensure proper operating procedures are in place for compliance relating to employee onboarding, client admissions, clinical documentation, treatment, and discharge.
  • Partner with IT and Security teams to oversee HIPAA privacy and security compliance, including policies governing PHI, access controls, and incident response.
  • Lead internal investigations related to potential privacy or compliance violations and coordinate remediation efforts.
  • Conduct periodic compliance risk assessments and internal audits across clinical, operational, and technical systems.
  • Develop corrective action plans when gaps are identified and ensure timely resolution.
  • Prepare the organization for regulatory reviews, audits, and accreditation processes when applicable.
  • Conduct bench testing and auditing of business activities to confirm that compliance controls are operating effectively.
  • Leverage data analytics and investigative techniques to identify compliance trends, assess risks, and share actionable insights with key stakeholders.
  • Help ensure that ongoing regulatory and accreditation requirements, such as internal inspections, written assessments, and emergency drills, are completed on time.
  • Work closely with Legal, HR, Clinical Leadership, IT, Security, and Operations to integrate compliance practices into day-to-day workflows.
  • Support vendor and partner compliance reviews, including due diligence related to data privacy and regulatory obligations.
  • Review marketing, patient communications, and external materials for compliance risk.
  • Advise leadership on MSO and medical group structural compliance and contracting considerations.
  • Monitor regulatory changes and brief leadership on impact and required actions.
  • Ensure each office in the assigned state(s) is operating within company policy, state licensing regulations, and The Joint Commission standards.
  • Ensure that all staff in the assigned state(s) are onboarded within company policy, state licensing regulations, and The Joint Commission standards.
  • Obtain initial facility licenses for Mental Health and Substance Use Disorder Outpatient Treatment.
  • Host and organize site visits, surveys, and inspections; travel is required.
  • Maintain office space compliance for the assigned state(s).

Requirements

  • 5+ years of experience in healthcare compliance, healthcare operations, or regulatory risk management, ideally in multi-state or growth environments.
  • Experience supporting medical groups, MSOs, telehealth models, or behavioral health care delivery.
  • Strong knowledge of HIPAA, healthcare regulatory frameworks, and privacy/security requirements.
  • Experience building or managing a compliance program within a healthcare organization or healthcare technology company.
  • Familiarity with IT compliance frameworks such as SOC 2, HITRUST, NIST, or similar regulatory/security standards.
  • Ability to interpret complex regulatory requirements and translate them into practical operational policies and processes.
  • Demonstrated ability to work cross-functionally with legal, clinical, and technical teams.
  • Experience in behavioral health, telehealth, or digital health environments preferred.
  • Professional certifications such as CHC (Certified in Healthcare Compliance) or CHPC (Certified in Healthcare Privacy Compliance) strongly preferred.
  • Experience supporting organizations operating across multiple states and payer environments.

Benefits

  • Competitive compensation package
  • Full benefits including health, dental, vision, 401(k), and paid time off
  • Opportunity to join a purpose-driven, high-growth leadership team at a pivotal moment in behavioral healthcare transformation
  • Professional development opportunities and training
  • Collaborative and supportive work culture.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

healthcare compliance, regulatory risk management, compliance program management, HIPAA, HITECH, telehealth regulations, internal audits, data analytics, compliance monitoring, risk assessments

Soft Skills

cross-functional collaboration, communication, leadership, problem-solving, organizational skills, analytical thinking, attention to detail, adaptability, strategic thinking, stakeholder engagement

Certifications

CHC, CHPC