Director of Privacy Compliance
Headway
Headway’s mission is a big one – to build a new mental health care system everyone can access. We’ve built technology that helps people find great therapists with the first software-enabled national network of providers accepting insurance.
1 in 4 people in the US have a treatable mental health condition, but the majority of providers don’t accept insurance, making therapy too expensive for most people. Headway is building a new mental healthcare system that everyone can access by making it easy for therapists to accept insurance and scale their practice.
Headway was founded in 2019. Since then, we’ve grown into a diverse, national network of over 45,000 mental healthcare providers across all 50 states who run their practice on our software and have served over 1 million patients. We’re a Series D company with over $325m in funding from a16z (Andreessen Horowitz), Accel, GV (formerly Google Ventures), Spark Capital, Thrive Capital, Forerunner Ventures and Health Care Service Corporation.
We want your time here to be the most meaningful experience of your career. Join us, and help change mental healthcare for the better.
If you’ve been looking for an opportunity to build the nation’s best privacy program from the ground up inside an innovative health-tech company, this is the role for you.
Headway is looking for a Director of Privacy Compliance to be a key member of Headway’s Compliance team, supporting our cross-functional compliance effort. You will work closely with the Head of Compliance to support a rapidly scaling mental healthcare company by partnering with key stakeholders to implement privacy compliance efforts and programs.
We're seeking a leader with expertise in healthcare compliance, who is also proactive, forward-thinking, and able to navigate and thrive in ambiguity. You will be vital to our ability to partner with payers across the nation and solve various complex issues that arise as we change the behavioral health landscape.
You will:
- Collaborate with the Security & Privacy teams to ensure operational alignment between security and privacy programs
- Partner with stakeholders to identify, document, and mitigate privacy risks
- Support new and existing products, technologies, and vendor relationships by ensuring privacy risks are evaluated and mitigated
- Provide technical and regulatory guidance to all departments on privacy compliance matters to ensure compliance with applicable regulations and standards
- Contribute to the risk management strategic plan
- Manage privacy incidents and breach notifications required by federal and state law, serving as liaison with federal and state oversight agencies
- Develop and lead strategic role-specific trainings
- Drive cross functional communication and training across the company to ensure compliance with company privacy policies, data-handling policies and procedures, and legal obligations
- Manage data subject requests (DSRs) related to privacy inquiries
- Contribute to security and privacy audits
- Continuously improve privacy and security practices, policies, and standards
- Maintain current and operational knowledge of applicable federal and state privacy laws and regulations including, but not limited to:
- Health Insurance Portability and Accountability Act (HIPAA)
- California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)
- My Health My Data Act (MHMDA)
- Confidentiality of Medical Information Act (CMIA)
- Foster a culture of compliance and ethical behavior within our company
- Provide regular compliance reports on the operation, efficacy, and progress of compliance efforts, violations, and risks
You will love this role if:
- You have 8+ years of experience in privacy compliance or healthcare-related operations, legal, auditing, consulting, or the equivalent combination of experience
- You are deeply knowledgeable on privacy laws, payer requirements, and health care regulation more broadly
- You have proven experience in developing compliance frameworks and leading privacy initiatives as part of a compliance-focused team
- You function well in a high-paced environment and are able to quickly adapt to changing priorities and situations
- You engage, inspire, build credibility, and trust across all levels of the company
- You have the ability to disseminate and translate complex regulatory requirements into actionable requirements
- You have exceptional communication, organizational, project management, and prioritization skills
- You are certified in relevant areas such as Healthcare Compliance (CHC) or certified in Healthcare Privacy Compliance (CHPC)
Compensation and Benefits:
- Salary information is based on a single salary target per role and is differentiated based on geographic location (Group A, B, or C)
- Group A: $210,000
- Group B: $189,000
- Group C: $168,000
- Examples of cities located in each Compensation Grouping:
- Group A = NYC, SF/Bay Area, LA Area, Seattle, Boston, Austin, and San Diego
- Group B = Chicago, Miami, Denver, Washington DC, Philadelphia, Atlanta, Minneapolis, Nashville, Sacramento, Phoenix, and Portland
- Group C = All remaining cities
- Benefits offered include:
- Equity Compensation
- Medical, Dental, and Vision coverage
- HSA / FSA
- 401K
- Work-from-Home Stipend
- Therapy Reimbursement
- 16-week parental leave for eligible employees
- Carrot Fertility annual reimbursement and membership
- 13 paid holidays each year as well as a Holiday Break during the week between December 25th and December 31st
- Flexible PTO
- Employee Assistance Program (EAP)
- Training and professional development
We believe a team's strength is in its people, and we cannot achieve this mission without a team that reflects the diversity of this problem – across race, ethnicity, gender, sexuality, age, national origin, religion, family status, disability, military status, and experience.
Headway is committed to the full inclusion of all qualified individuals. As part of this commitment, Headway will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or receive other benefits and privileges of employment, please contact talent@findheadway.com
Headway employees work remotely across the US, with the option to work from offices in New York City and San Francisco. Headway participates in E-Verify. To learn more, click here.