Conduit

CareMessage - Senior Compliance and Privacy Manager (Remote - US Based) @ CareMessage


Join us to Improve Health Equity for 5 Million People!CareMessage is the Health Equity engine of the United States. Our mission is to leverage technology to improve health equity for people from low socioeconomic backgrounds, with a core focus on the safety-net organizations that serve them best: federally qualified health centers (FQHCs), free and charitable clinics, Indian Health Service (IHS) health facilities and Native American-focused health centers. The CareMessage platform allows healthcare organizations to communicate with patients at scale, prompting patients to action via technology-enabled solutions designed to increase access to care, improve clinical outcomes and address social drivers of health.Nationally, CareMessage is proud to work with over 400 customers in 43 states. Since 2013, safety-net organizations have leveraged CareMessage to reach over 17 million low-income patients with over 350 million text messages.Founded in 2012 at Stanford University, CareMessage has raised over $35 million from Google.org, William K. Bowes Jr. Foundation, Pershing Square Foundation, Y Combinator, Schmidt Futures, Twilio.org, Direct Relief, Biogen, and many more.Reporting to the Senior Director of Finance and working closely with the VP of Engineering (who also serves as CISO and Chief Compliance Officer (CO)), our Senior Compliance and Privacy Manager will play a key role in advising and overseeing compliance at CareMessage. This individual will be responsible for creating and reviewing policies and documents that impact our compliance standing, auditing our processes, and assisting with maintaining and improving our posture with regards to regulations impacting CareMessage. Due to the current nature of our business, these are primarily related to Healthcare (HIPAA) and Messaging (A2P10DLC/TCPA/STIR/SHAKEN). This individual will be the Subject Matter Expert (SME) on all things Compliance, help guide our decision making, and partner with other leaders to direct company-wide initiatives and projects to different departments to improve and maintain a high standard of compliance while continuing to drive innovation. The ideal candidate is a proactive individual with a passion for continuous learning, and is ready to get hands- on and thrive in a dynamic, product-led technical setting. We seek someone adept at providing regulatory compliance guidance, researching and staying abreast of emerging regulations, and auditing our processes to confirm compliance with stated practices. Our ideal candidate embraces challenges posed by new and emerging technologies, demonstrating adaptability and a commitment to ongoing personal development. Long-term, they would have the opportunity to grow into an external advocate, working with industry groups, agencies, legislatures, and other critical stakeholders to draft or influence policies that impact underserved populations in our nation and further our mission of increasing health care equity.RequirementsPossess comprehensive understanding of and remain current on key compliance mandates and legislation related to Voice/SMS messaging, Privacy, and Healthcare, including but not limited to: HIPAA, TCPA, STIR/SHAKEN, & other state mandated Privacy Acts such as CCPA, VCDPA, etc.Demonstrated experience with Project and/or Program Management in a cross-functional capacityProven familiarity with contractual terms, language, and implementationHighly organized and detail-oriented, with strong emphasis on thoroughnessStrong interpersonal skills with ability to interact and build rapport with executive-level external clients and internal stakeholdersExceptional written and oral communication skillsAbility to identify and manage prioritiesCapable of multi-tasking and working independentlyPositive attitude and team playerExpert proficiency on Microsoft Office and Google SuiteYou have experience working remotelyYou have a commitment to supporting and fostering diversity and inclusion within the teams you have worked with (We have a global team and you will regularly collaborate with people from a variety of walks of life)Preferred ExperienceLegal backgroundExperience working closely with Product Development functions (Product/Engineering)Experience working in the B2B SaaS spaceJob ResponsibilitiesDraft, edit, review and interpret Contracts, Policies, Business Associate Agreements, Terms of Service, and other similar contractual documents, through the lens of compliance considerations and mandatesRemain up-to-date on new regulations in our space that have ramifications for our product, business, and/or customers and their patientsReview and assist with the selection and implementation of related compliance training resources for workforceLead initiatives that increase our team’s awareness of and responsiveness to compliance requirements including internal training, audits, etc.Advise on investigations and risk assessments of potential privacy breaches, if needed (rare)Conduct compliance risk analyses and make recommendations and decisions to best protect the organizationDevelop relationships with external SMEs, industry groups, and legal counsel as it pertains to compliance-related topicsParticipate in synchronous and asynchronous product discussions to advise on compliance-related implicationsDraft internal and external-facing communications to help our team and our customers remain aware of and compliant with all regulationsBe an advocate for compliance within the companyBuild and maintain strong relationships with peers and stakeholdersWithin 1 Month you'llGain a foundational understanding of our business, customers and patientsMeet all key internal stakeholders and begin to understand and assess our Compliance policies and protocolsEstablish meetings and connection points with key external stakeholdersWithin 3 Months you'llPerform a gap assessment of Compliance policies and protocols and work with CO and Senior Director of Finance to develop roadmap of preliminary findingsCreate systems for maintaining awareness of and communicating key industry updates regarding relevant compliance changesTake over responsibility for Compliance responsibilities covered (or not covered) by other team members Within 6 Months you'llDisplay strong leadership in the area of compliance having established strong rapport with all internal and external stakeholdersOwn the review of all contracts, agreements and documents with compliance related impact Established a clear process and cadence with Product, Engineering, Operations and other relevant functions to maintain an ongoing adherence to all related compliance topics$145,000 - $169,500 a yearCompensation DetailsFor this position we are considering candidates at two different levels. For those more mid-career at what we would classify as the L2 level, it's likely that they have held one or more legal and/or compliance-related roles with relevant industry experience. We are also considering candidates at the later career L3 level, and would expect such candidates to have held multiple legal and compliance-related roles for several years in the Healthcare and/or Messaging spaces, and to be extremely proficient in their craft and able to both lead a function as well as do the work directly.During the interview process we will determine the candidates leveling based on experience and interview results. Our salary allocation for the L2 role is $145,000/year. The salary for the L3 role is $169,500/year. Due to the nature of this role, this position is open to USA based applicants only.Note: If you don’t fit this description perfectly (in particular, if you come from an under-represented group), but you would consider yourself Mid-career, Senior or Director Level Compliance Specialist, Counsel, or Manager, please apply! We believe in equal work for equal pay. All team members performing the same role at the same level are paid the same regardless of where they are in the world. Working at CareMessageWe take care of our employees by offering competitive salaries and benefits packages. We ensure our team feels cared for so that we, in turn, can help support our safety net organizations and underserved populations.We compensate fairly and equitablyFlexible work hours; fully remote teamWe believe in equal work for equal pay: all team members performing the same role at the same level are paid similarly, regardless of where they are in the worldPaid parental leave for biological and adopted childrenWe give you time off to thriveHalf-day Fridays, every Friday18 paid company holidays, including a one week mid-year and one week end-of-year break9 wellness days to be used for self-care- or anything that comes up in life15 days of PTO1-month (20 working days) paid sabbatical after the 4-year anniversary, and every 4 years thereafterWe support your health, wellness, and growthGenerous medical, dental, and vision insurance for employees and their familiesHealth Savings Accounts and Flexible Spending Accounts401k retirement planShort & long-term disability insurance$100 per employee yearly wellness budget, with flexibility to spend on physical, emotional, and mental wellness resourcesPerkSpot: Instant access to discounts on products & services from hundreds of vendorsAnnual budget for professional and personal development (webinars, online courses, books, and more)Volunteerism incorporated in onboarding and encouraged on an ongoing basisApply for this job