Senior Director Compliance and Privacy
About the role
The Senior Director of Compliance and Privacy reports to the Chief Compliance Officer and is responsible for the end-to-end management of the compliance and privacy program across all Stellar Health entities, including the SaaS business and two Accountable Care Organizations (ACOs).
This is a senior leadership role with direct oversight of the compliance function's daily operations, regulatory strategy, and external-facing interactions with health plan compliance teams, outside counsel, and government regulators.
This person will manage a compliance and privacy analyst, chair internal compliance governance bodies, and own the pre-contract compliance review process that supports Stellar's new business pipeline.
This role is critical given the current federal enforcement environment around risk adjustment, managed care, and Medicare Advantage, and requires someone who can operate with minimal oversight across multiple entities with distinct payor relationships and regulatory obligations.
How you'll make an impact
- Implement, maintain, and monitor all requirements established in the Stellar Health compliance plan, applicable laws and regulations, and customer contracts across all four entities.
- Lead pre-contract compliance reviews for new payor and provider agreements, enabling Stellar's revenue growth without creating regulatory or process bottlenecks.
- Own the compliance response process for payor compliance audits, HIPAA OCR inquiries, state AG investigations, and any DOJ/OIG enforcement activity, including early-stage triage, document production, and government interface.
- Execute the annual CRISP risk assessment process and develop annual work plans and program evaluations, calibrating the depth of compliance controls to the actual risk profile rather than overengineering processes that create unnecessary friction.
- Maintain an inventory of all applicable regulations and contractual compliance obligations across AKS, Stark Law, HIPAA, CMPL, and CMS program requirements, in partnership with other CRISP team members.
- Establish and monitor effective communication channels that promote a speak-up culture, including disseminating information and training, and receiving and responding to questions and concerns through anonymous reporting channels.
- Oversee thorough investigations and mitigation activities, including practices to prevent and detect retaliation.
- Manage compliance and privacy documentation including policies, procedures, plans, and standards across all four entities, ensuring consistency where appropriate and entity-specific customization where required.
- Build and maintain compliance monitoring strategies to detect anomalous user activity in the Stellar platform, including dashboards and reporting.
- Chair the Customer Compliance Council and the Compliance and Privacy Committee, and support the CCO with the Compliance, Security, and Risk Committee.
- Manage relationships with external stakeholders including outside counsel, customer compliance representatives, and regulatory bodies.
- Cover business courtesies and conflicts of interest processes.
- Support compliance and privacy aspects of customer and sales-related matters including pre- and post-contracting questionnaires.
What you'll bring
- 10+ years of experience in healthcare compliance and privacy, with progressive responsibility.
- At least 3 years of people management experience.
- Direct, hands-on experience with Anti-Kickback Statute safe harbor analysis, Stark Law, and HIPAA.
- Experience managing compliance across multiple legal entities or business lines simultaneously.
- Direct experience working with or for Medicare Advantage health plans, ACOs, or value-based care organizations.
- Experience responding to government inquiries or investigations (DOJ, OIG, state AG, or OCR).
- Experience with payor or health plan compliance audit processes, either conducting them or responding to them as a vendor or delegated entity.
- Familiarity with risk adjustment programs, HCC coding compliance, and the current CMS enforcement environment.
- Proven ability to calibrate compliance controls to actual risk, avoiding overengineered processes while maintaining regulatory defensibility.
- Excellent interpersonal, communication, and presentation skills that adjust to the audience.
- Bachelor's degree or equivalent demonstrated work experience in business, healthcare, or a related field.
Perks & Benefits
- Medical, Dental and Vision Benefits
- Flexible PTO
- Universal Paid Family and Caregiver Leave
- Wellhub+ Gym Memberships
- Pre-tax commuter benefits, HA, FSA plans
- Company sponsored One Medical memberships and Citibike memberships
- Medical Travel Benefits
- JOON, a flexible lifestyle spending account that gives our team a monthly stipend to spend on what matters most to them
- Stock Options & a 401k matching program
- A broad calendar of company sponsored social events that for our in-office and remote employees
- Company sponsored lunch for all NY HQ employees
Diversity & Inclusion
We believe that diverse teams—and the different identities, cultures, and life experiences our team members bring to the table—enable us to create amazing products, find creative solutions to interesting problems, and build an inclusive working environment.
Compensation Range
$200K - $240K
Stellar Health Employment Privacy Notice
At Stellar Health, your privacy and security as a job seeker is a priority no matter where you are in the interview process. As recruiting scams have become more prevalent, please take note of the following practices to ensure the legitimacy of any interaction with our team.
- Any communication from our recruiters and hiring managers at Stellar Health about a job opportunity will only be made by a Stellar Health employee with an @stellar.health email address.
- Stellar Health does not utilize third-party agencies for recruitment services and does not conduct text message or chat-based interviews.
- If you are ever unsure whether you are in contact with a legitimate Stellar Health teammate, please contact people-team@stellar.health.
- If you believe you've been a victim of a phishing attack, please mark the communication as “spam” and immediately report it by contacting the U.S. Federal Trade Commission.