Job Description

A fast-growing and high-impact startup that makes smart beds for children with cognitive conditions like epilepsy, cerebral palsy, dementia, and autism. Our mission is to improve the lives of special needs kids and their families through our innovative products and go-to-market strategies. Since launch, we have changed the lives of thousands of families, been insurance-covered in all 50 states, achieved profitability, and are building a growing team in our Denver HQ.

The Director of Healthcare & Privacy Compliance will lead all aspects of HIPAA compliance, PHI data governance, and broader healthcare privacy initiatives across the organization. This is a highly visible, cross-functional leadership role responsible for building and scaling a pragmatic, business-aligned compliance function. You will partner closely with leadership, IT, legal, and operations teams to ensure the organization operates securely and compliantly while maintaining speed and flexibility.

This role will serve as the central owner of compliance strategy and execution, helping establish clear policies, improve audit readiness, and create confidence across the organization that data privacy and compliance are well-managed.

Key Responsibilities

• Own and lead all aspects of HIPAA compliance and PHI data governance across the organization

• Develop, implement, and refine compliance policies, procedures, and controls related to data privacy and IT security

• Assess current systems and processes to ensure secure, compliant handling of sensitive health data at scale

• Partner with internal stakeholders and external advisors to build a scalable and right-sized compliance framework

• Improve audit readiness, reduce compliance risk, and support ongoing internal and external audit processes

• Serve as a key partner in vendor and partner discussions, including review and negotiation of data privacy terms and agreements (e.g., BAAs)

• Provide clear, actionable guidance to teams to enable efficient operations within compliance standards

• Collaborate cross-functionally with IT, operations, and leadership to embed compliance into day-to-day workflows

• Evaluate and implement tools and technologies (including AI) to improve compliance efficiency and effectiveness

• Help foster a culture where compliance is viewed as a strategic enabler of growth rather than a constraint

Here’s what we’re looking for

• 7+ years of experience in healthcare compliance, data privacy, or related field

• Deep understanding of HIPAA, PHI, and healthcare data privacy regulations

• Strong knowledge of IT security, data governance, and compliance frameworks

• Proven experience developing and implementing compliance policies and procedures

• Ability to assess risk and apply practical, business-oriented judgment

• Strong communication and interpersonal skills with the ability to influence cross-functional teams

• Experience working with internal stakeholders and external partners on compliance-related initiatives

Preferred:

• Experience building or scaling compliance functions in a health tech or high-growth environment

• Background in digital health, telehealth, remote monitoring, or home healthcare

• Experience with vendor risk management, data sharing agreements, and Business Associate Agreements (BAAs)

• Demonstrated ability to balance regulatory rigor with business agility

• Startup or entrepreneurial experience preferred

• Familiarity with leveraging technology and AI tools to improve workflows

• JD or advanced degree is a plus, but not required

Benefits & Perks

• Base Salary: Based on Experience
• Total Income: Base + bonus (20% of base)
• Stock Options - Equity Ownership
• Health, Dental, and Vision Insurance (90% paid premiums for employees, 50% for partners and dependents)
• Unlimited PTO & Sick/Wellness Hours
• 12 paid holidays, 1 paid volunteer day, 1 paid “powder day” to take advantage of Colorado’s great weather!
• 401k with a company match
• Hybrid Work Model

Location Denver, CO - Open to candidates willing to relocate.