Key Facts

Remote From:

Full time

Expert & Leadership (>10 years)

English

Hard Skills

Medicare Enterprise Risk Management (ERM) Auditing Auditing Billing Policy Enforcement Corrective And Preventive Action (CAPA) Vendor Management Compliance Management Compliance Management +7 more

Other Skills

•
Program Management
•
Communication
•
Leadership

Roles & Responsibilities

Bachelor’s degree required; Master’s or healthcare-related advanced degree preferred.
Certification in Healthcare Compliance (CHC) or equivalent highly desirable.
10+ years of experience in healthcare compliance; experience in healthtech or regulated technology companies preferred.
Deep knowledge of HIPAA/HITECH, False Claims Act, Anti-Kickback Statute, and CMS ODAG requirements; ability to manage a remote nationwide workforce.

Requirements:

Develop, implement, and manage the Comprehensive Compliance Program, including policy development, training, and the foundational Seven Elements per OIG.
Oversee regulatory activities such as FDR management, exclusion screening (OIG LEIE and SAM), ODAG monitoring, internal audits, and reporting mechanisms.
Lead investigations into potential compliance breaches, coordinate corrective actions, and chair the Compliance Committee with regular Board/Executive reporting.
Oversee risk assessment, vendor management, cybersecurity coordination with IT/Engineering, and act as primary liaison for external audits and inspections.

Isaac Health

About Isaac Health

Isaac Health is a virtual and in-home clinical service for dementia and other brain health conditions. Isaac Health partners with health systems and payers for screening, diagnosis, treatment, and ongoing care management at a population scale. Developed by leading neurological specialists, Isaac Health's proprietary care model is evidence-based and comprehensive, including services like medication management, cognitive rehabilitation, counseling, and psychosocial support. All of Isaac Health’s clinical services are in line with the gold standard of medical care, covered by insurance, and allow for fast access to specialists within days, not months. Isaac Health's mission is to radically improve access and brain health care outcomes for the population. Its thoughtful workflows and technology are built specifically for those at risk for and affected by Alzheimer’s disease and related neurological disorders — all to help patients and their families be as healthy and happy as possible, for as long as possible.

Company type: Scaleup

Founded: 2018

Company size: 11 - 50

Website LinkedIn See all jobs →

Job description

Compliance / Security Officer Job Description

Role Overview

The Compliance Officer is a key member of the executive leadership team, responsible for the development, implementation, and ongoing management of the organization’s Comprehensive Compliance Program. This role ensures that the organization operates in full accordance with federal and state laws, including HIPAA, CMS (Medicare Advantage/ODAG), and OIG guidelines.

Core Responsibilities and Duties

Program Structure and Implementation
1. Define Program Structure: Establish and maintain the foundational "Seven Elements" of an effective compliance program as defined by the OIG.
2. Policy Development: Draft, implement, and update compliance policies and procedures.
Educational Requirements and Training
1. Define Educational Requirements: Determine the mandatory compliance curriculum for all employees and contracted providers.
2. Training Oversight: Ensure completion of Fraud, Waste, and Abuse (FWA), HIPAA, and General Compliance training within 90 days of hire and annually thereafter.
Regulatory Oversight and FDR Management
1. FDR Compliance: Oversee the organization’s status as a First Tier, Downstream, and Related Entity (FDR), ensuring all contracted physicians and vendors meet CMS criteria.
2. Exclusion Screening: Manage the monthly screening process against OIG (LEIE) and GSA (SAM) databases for all staff and contractors.
3. ODAG Monitoring: Audit the timeliness of Organization Determinations, Appeals, and Grievances to ensure compliance with CMS.
Auditing, Monitoring, and Reporting
1. Internal Audits: Define the annual audit calendar, focusing on high-risk areas such as multi-state licensure, billing accuracy, and telehealth prescribing.
2. Reporting Mechanisms: Maintain and publicize an anonymous reporting "hotline" or channel for staff to report concerns without fear of retaliation.
3. Investigations: Lead internal investigations into potential compliance breaches or unethical conduct and oversee corrective action plans.
Governance and Communication
1. Compliance Committee: Chair the internal Compliance Committee and provide regular reports to the Board of Directors and Executive Leadership.
2. External Liaison: Act as the primary liaison for external audits from payers (e.g., IBX) or government agencies.
3. Risk Assessment: Conduct an annual enterprise-wide risk assessment to identify and mitigate emerging regulatory threats.
Cybersecurity
1. Oversight: work with the technology org to ensure secure, compliant, and safe function across Engineering and IT. Jointly track customer assessments, requirements, and remediation where needed, and keep abreast of industry trends and standards.
2. Vendor Management: evaluate current and potential vendors for trustworthiness, security principles and practices, and overall risk to the company. Own vendor relationships in the security and compliance space.

Qualifications

Education: Bachelor’s degree required; Master’s, or healthcare-related advanced degree preferred.
Certification: Certification in Healthcare Compliance (CHC) or equivalent is highly desirable.
Experience: 10+ years of experience in healthcare compliance. Past roles at healthtech/other highly regulated technology companies preferred.
Skills: Deep knowledge of HIPAA/HITECH, False Claims Act, Anti-Kickback Statute, and CMS ODAG requirements. Strong ability to manage a remote, nationwide workforce.

Key Performance Indicators (KPIs)