Compliance Manager

Community Medical Services•Scottsdale, AZ

1d•Hybrid

About The Position

We are seeking an experienced Compliance Manager to lead and strengthen our organization's compliance and privacy programs. Reporting to the EVP of Compliance, this role is responsible for ensuring adherence to federal and state regulations, with a particular emphasis on patient privacy, behavioral health, and opioid treatment program requirements. The ideal candidate brings strong working knowledge of HIPAA and 42 CFR Part 2, sound judgment, and the ability to translate complex regulatory requirements into practical, day-to-day operations.

Requirements

Bachelor's degree in healthcare administration, business, law, public health, or a related field (or equivalent experience).
Minimum of 3–5 years of compliance experience, including demonstrated privacy experience (HIPAA and/or 42 CFR Part 2).
Strong understanding of healthcare regulatory frameworks and the ability to interpret and apply complex regulations.
Excellent investigative, analytical, and problem-solving skills.
Strong written and verbal communication skills, with the ability to advise and influence across all levels of the organization.
High degree of integrity, discretion, and sound professional judgment when handling sensitive and confidential information.

Nice To Haves

Experience in behavioral health (BH) and/or opioid treatment programs (OTP).
Compliance certification (e.g., CHC, CHPC, CHC-F, or CCEP) or the ability to obtain certification within one year of hire.
Familiarity with SAMHSA, DEA, and state-specific OTP regulations.

Responsibilities

Develop, implement, and maintain compliance policies, procedures, and controls across the organization.
Serve as a subject matter expert on patient privacy regulations, including HIPAA Privacy and Security Rules and 42 CFR Part 2 (confidentiality of substance use disorder records).
Oversee compliance activities specific to behavioral health (BH) services and opioid treatment programs (OTP), including SAMHSA and DEA requirements where applicable.
Conduct regular risk assessments, audits, and monitoring activities to identify and remediate compliance gaps.
Investigate compliance concerns, privacy incidents, and potential breaches; manage reporting, documentation, and corrective action plans.
Deliver compliance and privacy training to staff at all levels, promoting a culture of accountability.
Maintain current knowledge of evolving federal, state, and accreditation requirements, and update programs accordingly.
Partner with clinical, operational, and IT teams to embed compliance into workflows and systems.
Support responses to regulatory audits, surveys, and inquiries.