Compliance Manager
- Headlight
- Denver, CO, USA
- $90,000 - $110,000 yearly
Job Description
Our highly skilled and principled clinical team enjoys autonomy and institutional support so they can put their focus where it should be: on improving patient outcomes. Our clinicians want to do more than help individual clients, so they work to affect the system as a whole, elevating standards of care so that their efforts reverberate far beyond what they could do in private practice.
As the most trusted behavioral health partner in the Western U.S., we’ve established deep relationships that give us unparalleled access, interoperability, and first-priority referrals. This exclusivity, combined with our best-in-class coordinated care and feedback loops, results in superior outcomes and cost savings.
Our services are convenient, accessible, and expert, combining personalized client engagement with advanced technology to enhance, not replace, human connection. Indeed, we hold that human-to-human relationships are indispensable, so from the match to the session to the time between sessions, we provide whole person care so nobody falls through the cracks and there is a brighter path forward for all.
The Compliance Manager will oversee healthcare regulatory compliance (including HIPAA and state licensing requirements), while also partnering with internal stakeholders across Legal, Clinical Operations, IT, and Security to ensure the organization maintains strong operational controls and regulatory readiness.
This role will help design and operationalize the company’s compliance framework, proactively identify risks, and ensure our policies and practices support ethical, compliant care delivery. We are looking for someone to join us in hybrid role in Salt Lake City or remotely from AK, AZ, CO, FL, MI, NV, NC, OR, TX, or WA.
Our Pillars
- Make things easier.
- Forge genuine connections.
- Elevate the standard.
Roles and Responsibilities
- Develop, implement, and maintain the company’s enterprise compliance program, including policies, procedures, and internal controls aligned with healthcare regulatory standards.
- Serve as the organization’s Privacy Officer, monitoring adherence to applicable federal and state healthcare regulations.
- Establish and maintain a compliance monitoring and auditing program to proactively identify risks and ensure operational compliance.
Audit Readiness & Risk Management
Conduct internal audits and compliance reviews
Lead payer audit preparation and response support
Manage HIPAA Security Risk Assessments and remediation efforts, internally or through vendors
Identify and mitigate regulatory risk before it becomes operational or financial exposure
Ensure compliance with key healthcare regulations including HIPAA, HITECH, state licensing requirements, telehealth regulations, and payer compliance obligations.
Monitor regulatory changes across the healthcare landscape and translate requirements into operational policies and procedures.
Support clinical and operational teams in maintaining compliance with documentation, privacy, and care delivery requirements.
Oversee compliance for telehealth
Ensure compliance with HIPAA Privacy and Security, Anti-Kickback Statute, Stark Law, CMS rules, and state regulations
Review clinical workflows, documentation standards, and care team roles for regulatory alignment
Evaluate new service lines, partnerships, and initiatives for compliance and reimbursement risk
Ensuring proper operating procedures are in place for compliance relating to employee onboarding and client admissions, clinical documentation, treatment, and discharge.
Privacy & Data Protection
Partner with IT and Security teams to oversee HIPAA privacy and security compliance, including policies governing PHI, access controls, and incident response.
Lead internal investigations related to potential privacy or compliance violations and coordinate remediation efforts.
Risk Management & Auditing
Conduct periodic compliance risk assessments and internal audits across clinical, operational, and technical systems.
Develop corrective action plans when gaps are identified and ensure timely resolution.
Prepare the organization for regulatory reviews, audits, and accreditation processes when applicable.
Conducts bench testing/auditing of business activities to confirm that compliance controls are operating effectively.
Leverages data analytics and investigative techniques to identify compliance trends, assess risks, and share actionable insights with key stakeholders.
Assist to ensure that ongoing regulatory and accreditation requirements such as internal inspections, written assessments, and emergency drills are completed on time.
Cross-Functional Collaboration
Work closely with Legal, HR, Clinical Leadership, IT, Security, and Operations to integrate compliance practices into day-to-day workflows.
Support vendor and partner compliance reviews, including due diligence related to data privacy and regulatory obligations.
Review marketing, patient communications, and external materials for compliance risk
Advise leadership on MSO and medical group structural compliance and contracting considerations
Monitor regulatory changes and brief leadership on impact and required actions
On-site Clinic Compliance
Ensure each office in assigned state(s) are operating within company policy, state licensing regulations and The Joint Commission Standards.
Ensure that all staff in assigned state(s) are onboarded within company policy, state licensing regulations and The Joint Commission Standards.
Obtain initial facility licenses for Mental Health and Substance Use Disorder Outpatient Treatment
Host and organize site visits/surveys/inspections; travel required.
Maintain office space compliance for the assigned state(s)
What We are Looking for
Strong working knowledge of HIPAA, payer compliance and audit requirements, multi-state behavioral health licensing regulations, and regulatory frameworks governing esketamine (Spravato) and TMS treatment programs
Proven operator who can turn regulations into executable workflows
High judgment, detail-oriented, comfortable operating with autonomy
Able to say no when required and explain why clearly
- Ability to work in a fast paced startup environment
- Grow and expand with the role and take on initiatives that grow the department
Qualifications
5+ years of experience in healthcare compliance, healthcare operations, or regulatory risk management, ideally in multi-state or growth environments
Experience supporting medical groups, MSOs, telehealth models, or behavioral health care delivery
Strong knowledge of HIPAA, healthcare regulatory frameworks, and privacy/security requirements.
Experience building or managing a compliance program within a healthcare organization or healthcare technology company.
Familiarity with IT compliance frameworks such as SOC 2, HITRUST, NIST, or similar regulatory/security standards.
Ability to interpret complex regulatory requirements and translate them into practical operational policies and processes.
Demonstrated ability to work cross-functionally with legal, clinical, and technical teams.
Preferred Experience in behavioral health, telehealth, or digital health environments.
Professional certifications such as CHC (Certified in Healthcare Compliance) or CHPC, strongly preferred
Experience supporting organizations operating across multiple states and payer environments.
Key Competencies
Regulatory expertise
Risk identification and mitigation
Policy development and implementation
Cross-functional leadership
Ethical decision-making and accountability
Benefits
Competitive compensation package
Full benefits including health, dental, vision, 401(k), and paid time off
Opportunity to join a purpose-driven, high-growth leadership team at a pivotal moment in behavioral healthcare transformation
Professional development opportunities and training
Collaborative and supportive work culture.
Not meeting all the requirements? Research indicates that women, communities of color, and historically underrepresented individuals are often hesitant to apply for jobs unless they meet every qualification. We are committed to cultivating a diverse, inclusive, and genuine workplace. If you're enthusiastic about this position but your previous experience doesn't precisely match every qualification listed, we enthusiastically encourage you to submit your application. You could be the ideal candidate for this role or others!
Headlight is committed to the principles of diversity, equity, and inclusiveness and seeks to create a working environment reflective of this commitment. We seek to provide a diverse clinician base to support the diversity of our clients. Headlight supports and respects diversity of people, culture, and ideas throughout our organization. Headlight thrives to be a welcoming, diverse and discrimination- and harassment-free workplace.
By applying for this position, you consent to receive future communications from Headlight via email or text regarding this application and related employment opportunities. You may opt-out at anytime by contacting us directly.
Job Postings on Indeed and other job boards may post with total compensation (base + bonus). For the exact base salary range please check our website or our job-site
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
ID
