Compliance and Privacy Manager

Compliance And Privacy Manager

Boulder Care is a digital clinic for addiction medicine, recognized for its innovation and high quality of patient care. Founded in 2017 by CEO Stephanie Strong, our mission is to improve the lives of people with substance use disorders through compassionate, evidence-based care. We provide Boulder patients with a fully virtual, multidisciplinary care team, including medical providers, behavioral health clinicians, and peer recovery specialists, who deliver personalized treatment, including medication-assisted treatment (MAT) and ongoing support. Our approach is grounded in clinical excellence, patient-centered care, and a commitment to reducing barriers to recovery. Boulder partners with leading health plans, employers, and community organizations to ensure that our services are accessible and covered for the people who need them most.

As the Manager of Compliance & Privacy, you'll lead and scale our health care compliance and privacy programs across a rapidly growing, telehealth-based addiction treatment model. You will be responsible for ensuring Boulder Care operates at the highest standards of compliance with health care regulations and privacy laws in every jurisdiction in which we deliver services, including oversight of privacy and compliance operations, state behavioral health certification and accreditation program compliance, internal audits, incident responses, managing education and training initiatives, and monitoring and mitigating risk. In this role, you will partner closely with legal, clinical, IT, product, operations, and executive leadership to embed compliance and privacy into our services, policies, and culture.

Health Care Compliance, Accreditation and Behavioral Health Certification, and Privacy Program Management - 90%

• Develop, maintain, and enhance compliance policies, procedures, and controls for telehealth-based addiction treatment services in multiple states in accordance with best practices and applicable state and federal laws and regulations; lead periodic reviews and updates as laws / regulations evolve
• Serve as the designated Privacy Officer and oversee compliance with HIPAA, 42 CFR Part 2, and applicable state privacy laws and regulations
• Manage national accreditation and state behavioral health certification program compliance, including policy development and new market applications
• Conduct privacy & compliance risk assessments, internal audits, gap analyses; implement corrective plans and monitor remediations as necessary
• Manage incident response : oversee investigations of privacy or compliance breaches, coordinate response, notification, and remediation
• Lead training & awareness programs for clinical, operational, technical, and other staff on privacy, security, and regulatory compliance topics
• Monitor regulatory landscape : track changes and developments in relevant laws and regulations, assess their impact on Boulder Care's operations, and advise leadership accordingly
• Support compliance with contractual obligations (e.g. with payors, vendors, partners) related to privacy, consent, data use and sharing
• Serve as liaison to external regulators or auditors, manage audit or investigation responses, ensure documentation readiness
• Maintain metrics, dashboards, and reporting to leadership on compliance / privacy performance, risk indicators, and program health
• Lead or participate in internal compliance committees; coordinate with Chief Legal Officer, clinical operations, and information security teams

Ethical Leadership, Compliance and Organizational Communication -10%

What you bring :

Nice to have but not required :

Work environment :

Expected hours of work :

This is a full-time remote position expected to work 40 hours between Monday-Friday

Compensation :

The starting pay range for this position is $110,000 - 135,000 per year; base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements, including a full range of medical, financial, and / or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave).

Hiring timeline :

Some of Boulder's amazing benefits for regular, full-time employees :

Our values :

Boulder Care believes the people who manage our product and team should be representative of those who use the platform. This includes people from backgrounds that are historically underrepresented in the industry. We celebrate differences and are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, citizenship, marital status, disability, gender identity or veteran status. If you are a qualified person with a passion for what we do, please apply!