Director, Compliance

About The Position

Requirements

• Bachelor’s degree required.
• 8+ years of experience in compliance, legal, privacy, or risk-management roles, preferably in healthcare, pharmacy, or the pharmaceutical supply chain.
• Strong working knowledge of HIPAA and health-information privacy, and familiarity with FTC and state privacy/consumer-protection laws; understanding of Medicare, medical reimbursement, and third-party payor regulations.
• Hands-on experience running compliance operations — investigations and incident response, policy and SOP development, training, and recordkeeping.
• Familiarity with OIG/SAM/OFAC exclusion and sanctions screening, and with compliance tooling (e.g., screening and compliance-management platforms).
• Strong analytical skills with the ability to assess complex compliance risks and propose practical, business-minded solutions.
• Excellent oral and written communication skills, including with senior management, and the ability to distill complex concepts into simple, usable guidance.
• Strong organizational skills and attention to detail, with the ability to manage many concurrent workstreams and deliver on time.

Nice To Haves

• Experience supporting audits and security/compliance certifications (e.g., SOC 2, HITRUST) and responding to client, regulator, or Attorney General inquiries is strongly preferred.

Responsibilities

• Compliance program leadership: Own, advance, and champion Blink's enterprise Compliance Program, including the code of conduct, conflicts-of-interest, gifting, and whistleblower/reporting frameworks.
• Lead the established compliance operating cadence (including weekly compliance reviews and the compliance committee), maintaining clear action items, accountability, and follow-through.
• Provide periodic reports to the Deputy General Counsel and General Counsel on the nature, progress, and status of the program and emerging risks.
• Privacy & HIPAA: Own the HIPAA compliance program — policies, procedures, authorizations, revocation processes, and recordkeeping — keeping it current and continuing to strengthen it as the business and regulations evolve.
• Maintain and enhance the practical guardrails and job aids that help Data, Engineering, and IT teams handle PHI correctly (e.g., approved-vs-not-approved platforms for PHI, data-governance guidance, BAA tracking with vendors).
• Monitor and operationalize evolving privacy and consumer-protection requirements, including HIPAA, FTC, and state privacy laws.
• Investigations, incidents & remediation: Investigate and document potential compliance and privacy concerns, including HIPAA incidents and unauthorized-disclosure events, and partner with stakeholders to develop and execute remediation, coaching, and corrective-action plans.
• Manage intake and response for medical-records and legal-process requests in coordination with Legal Operations.
• Audits & certifications: Cooperate with internal and external auditors and reviewers, and lead Blink's responses to security and compliance audits and certifications (e.g., SOC 2, HITRUST) and to client/partner audits of Blink.
• Support responses to regulator and state Attorney General inquiries in partnership with Legal.
• Consumer & patient matters: Manage consumer and patient complaints, patient requests to access or delete information and other privacy-rights requests, and state Attorney General consumer-protection complaints, escalating to Legal where matters become formal enforcement.
• Screening & integrity controls: Administer Blink’s exclusion and sanctions screening program (OIG/SAM/OFAC), including supporting screening-tool implementation and the investigation of potential screening hits, in partnership with the People team.
• Pharmacy & program compliance: Partner with Pharmacy Operations and Clinical teams on quality and error-handling processes (e.g., fulfillment-error review, clinical templates and calibration) and support adverse-event reporting and pharmacovigilance policy.
• Support compliance for patient-assistance and manufacturer-sponsored programs, including enrollment/unenrollment processes.
• Training, policies & culture: Oversee compliance education and training for all Blink employees, including developing training content and curricula.
• Collaborate cross-functionally to determine, document, and implement policies and standard operating procedures that support a culture of compliance.
• Support special projects and broader Legal team initiatives as the team and company grow.

Benefits

• We are an equal opportunity employer and value diversity of all kinds. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
• Applicants who provide their phone number and consent to receive text messages may receive SMS or MMS updates from Blink Health regarding their application.