Associate Director, Compliance & Privacy

About the position

Denali Therapeutics is recruiting an Associate Director, Compliance & Privacy, reporting to the Senior Director, Healthcare Law and Compliance. This role will play a pivotal role in supporting the organization's commitment to ethical business practices, regulatory compliance, and data privacy as we prepare for our first potential commercial launch in neurodegenerative disease. This position will oversee compliance initiatives related to privacy law, data governance, Fair Market Value (FMV) payments, Transfer of Value reporting, price transparency reporting, auditing/monitoring, investigations, training, and policy development. The role requires cross-functional collaboration with Business Operations, Finance, IT, Contracts, Market Access, and other stakeholders to ensure adherence to federal, state, and global regulations.

Responsibilities

• Serve as the subject matter expert on healthcare privacy laws (e.g., HIPAA, GDPR, CCPA) and industry regulations affecting biotech companies.
• Collaborate with Business Operations and IT to implement and oversee robust data governance frameworks that ensure compliance with privacy and security standards.
• Conduct privacy risk assessments, advise on contractual privacy terms and data sharing agreements, and manage any data privacy-related incidents.
• Implement appropriate privacy controls for company activities, including marketing, digital engagement, and patient assistance programs.
• Develop and lead privacy related trainings to ensure functions across the business are trained and empowered to act compliantly.
• Monitor evolving global privacy laws and their impact on research, clinical trials, and commercialization activities.
• Oversee the Fair Market Value (FMV) assessment process to ensure payments to healthcare professionals (HCPs) align with regulatory requirements and company policies; serve as the point of escalation with the Contracts Group.
• Oversee the Transfer of Value reporting process (e.g., CMS Open Payments, state reporting), including tracking, identifying, and remediating discrepancies in collaboration with Business Operations.
• Ensure compliance with state price transparency reporting laws in partnership with Market Access.
• Provide compliance oversight for activities including investigator-initiated trials, sponsorships and grants, and advisory boards.
• Implement auditing and monitoring programs to proactively identify and mitigate compliance risks in interactions with HCPs and commercial activities.
• Lead and support internal investigations related to potential compliance violations, ensuring proper documentation, root cause analysis, and corrective action implementation.
• Conduct risk-based compliance assessments to evaluate the effectiveness of policies and controls, reporting findings and recommendations to leadership.
• Develop and deliver compliance training to employees, ensuring understanding of biotech-specific compliance risks and regulatory obligations.
• Develop and update company compliance policies and procedures based on tracking changes in the regulatory and enforcement landscape.
• Provide strategic guidance on emerging healthcare compliance risks, including clinical trials, patient support programs, expanded access programs, and commercialization strategies.

Requirements

• Bachelor's degree required; JD, MBA, or Master's in a related field preferred.
• At or near 7 years of overall work experience, to include 5+ years of compliance or regulatory experience in the biotech, pharmaceutical, or life sciences industry.
• Strong knowledge of U.S. and global healthcare compliance regulations, including HIPAA, GDPR, Anti-Kickback Statute, False Claims Act, Sunshine Act, and state price transparency laws.
• Experience with FMV assessments, Transfer of Value reporting, price transparency regulations, and industry compliance best practices.
• Experience designing and delivering compliance training programs.
• Strong investigative skills with experience in auditing, monitoring, and risk management.
• Excellent communication, analytical, and interpersonal skills, with the ability to work cross-functionally.
• Ability to be flexible and adapt with a growth mindset while providing practical compliance solutions to complex challenges.
• Motivated to communicate strategy and report on results to build trust and transparency at all levels of the company.

Nice-to-haves

• Certification in Healthcare Compliance (CHC)
• Certification in Healthcare Privacy Compliance (CHPC)
• Certified Information Privacy Professional (CIPP).
• Experience working with compliance monitoring systems, transparency reporting tools, and data privacy technology.

Benefits

• 401k
• healthcare coverage
• ESPP
• broad range of other benefits