
HIPAA Compliance Manager

$68 - $70 / hour
Posted Apr 23
Contract
On Site
Philadelphia, Pennsylvania

Payrate: $68.00- $70.00/hr.
 
Summary:
This role sits at the intersection of HIPAA data governance and Software as a Medical Device (SaMD) regulatory compliance, ensuring that our products meet applicable privacy, security, and regulatory requirements throughout the product lifecycle. The successful candidate will work cross-functionally with Product, Engineering, Cybersecurity, Privacy, Legal, and Commercial teams to embed compliance into product design, architecture, and customer deployments while enabling innovation in AI-driven healthcare solutions.
 
Responsibilities:

  • Lead implementation of HIPAA Privacy Rule and Security Rule requirements across products handling
  • Support Business Associate Agreement (BAA) requirements and customer compliance expectations
  • Partner with Privacy and Security teams on risk assessments, incident response, and remediation planning
  • Support development of clinical evaluation and validation frameworks

Product & Engineering Collaboration

  • Work directly with engineering teams to translate regulatory requirements into technical controls and architecture decisions
  • Review system designs and data flows for compliance with: HIPAA, security best practices, regulatory expectations for clinical software
  • Support implementation of secure development and deployment practices

Risk Assessment & Compliance Oversight

  • Lead or support HIPAA and regulatory risk assessments for new and existing products
  • Maintain compliance documentation and evidence for: internal audits, customer due diligence, regulatory inquiries
  • Identify gaps and define remediation roadmaps

Customer & Commercial Support

  • Partner with Legal and Commercial teams to: review BAAs and customer data protection requirements, support RFPs and compliance questionnaires
  • Provide guidance on customer-specific regulatory and data protection expectations

Cross-Functional Education

  • Educate internal teams on: HIPAA requirements, PHI handling in digital products, SaMD regulatory considerations
  • Develop guidance materials and training for Product and Engineering teams

 
Required Qualifications

  • 8-10+ years of experience in healthcare compliance, regulatory affairs, or health data governance
  • Deep expertise in at least one of the following areas: HIPAA Privacy & Security compliance OR SaMD / medical device regulatory affairs
  • Working knowledge of the other domain, including PHI handling and governance OR clinical software regulatory frameworks
  • Experience working with healthcare technology or SaaS products handling PHI
  • cross-functional teams (Product, Engineering, Security, Legal)
  • Strong understanding of cloud environments (AWS, Azure)
  • Data security and access control principles

 
Education Requirements:

  • Bachelor’s degree in a relevant field required, such as:
      • Health Sciences
      • Public Health
      • Life Sciences
      • Engineering (Biomedical, Software, or related)
      • Information Security / Computer Science
      • Healthcare Administration
  • Advanced degree preferred, such as:
      • Master’s degree (e.g., MPH, MS, MBA)
      • OR Juris Doctor (JD) with healthcare or regulatory focus
  • Relevant professional certifications (preferred but not required):
      • Certified in Healthcare Compliance (CHC)
      • Certified in Healthcare Privacy Compliance (CHPC)
      • Certified Information Privacy Professional (CIPP/US or CIPP/E)
      • HCISPP, CISSP, or equivalent (for security-focused candidates)

 
Preferred Qualifications:

  • Experience with AI / machine learning systems in healthcare
  • Familiarity with: FDA CDS / AI guidance, EU MDR / IVDR frameworks
  • Experience supporting clinical decision support systems, digital health or AI-driven healthcare products
  • Certifications such as: CHC / CHPC, CIPP/US, HCISPP, CISSP (security-focused candidates)

 
Pay Transparency: The typical base pay for this role across the U.S. is: $68.00 - $70.00/hour. Non-exempt positions are eligible for overtime at a rate of 1.5 times the base hourly rate for all hours worked in excess of 40 in a work week, or as required by state or local law. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience. Full-time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, health savings accounts with qualified medical plan enrollment, 10 paid days off, 3 days paid bereavement leave, 401(k) plan participation with employer match, life and disability insurance, commuter benefits, dependent care flexible spending account, accident insurance, critical illness insurance, hospital indemnity insurance, accommodations and reimbursement for work travel, and discretionary performance or recognition bonus. Sick leave and mobile phone reimbursement provided based on state or local law.

Consent to Communication and Use of AI Technology: By submitting your application for this position and providing your email address(es) and/or phone number(s), you consent to receive text (SMS), email, and/or voice communication whether automated (including auto telephone dialing systems or automatic text messaging systems), pre-recorded, AI-assisted, or individually initiated from Aditi Consulting, our agents, representatives, or affiliates at the phone number and/or email address you have provided. These communications may include information about potential opportunities and information. Message and data rates may apply. Message frequency may vary.

You represent and warrant that the email address(es) and/or telephone number(s) you provided to us belong to you and that you are permitted to receive calls, text (SMS) messages, and/or emails at these contacts. You also acknowledge and agree to Aditi Consulting LLC’s use of AI technology during the sourcing process, including calls from an AI Voice Recruiter. AI is used solely to gather data and does not replace human-based decision-making in employment decisions. Calls may be recorded.

Consent is not a condition of purchasing any property, goods, or services. You may revoke your consent at any time by replying “STOP” to messages or by contacting privacy@aditiconsulting.com.

For information about our collection, use, and disclosure of applicant's personal information as well as applicants' rights over their personal information, please see our Privacy Policy.

#AditiConsulting
#26-02533