Elation Health is a leading cloud-based electronic health records platform for independent primary care physicians and healthcare innovators looking to transition primary care from a fee-based to a value-based model. We are building a primary care operating system that puts physicians first and in the driver’s seat to have a trusted relationship with their patients. We have enjoyed considerable growth, and are now looking for a GRC Manager to join our team.
As GRC Manager, you will enable our teams, from Sales to R&D to Customers, to work fast and with confidence, through your partnership as a subject matter expert and your experience in compliance and controls frameworks.
You will be responsible for deploying and operationalizing our compliance programs, building and maintaining policies, procedures, training, communications, and controls. This role will execute the monitoring programs and will drive and formally document all monitoring and monitoring test work performed.
- Deploys, operationalizes and manages Elation’s compliance program, including coordinating with privacy, security, and other applicable stakeholders. Performs day-to-day management of this program.
- Coordinates with appropriate stakeholders to maintain and revise policies and procedures as necessary
- Ensures proper controls are in place for a coordinated security and compliance posture across a variety of functional organizations and their policies.
- Collaborates closely with internal and external stakeholders on compliance-related topics. Works closely with Product, Engineering, IT, Security, and Customer organizations to ensure effective incorporation of compliance requirements.
- Monitors the performance of the compliance program on a continuing basis, taking appropriate steps to improve its effectiveness.
- Supports regular compliance monitoring activities by performing or directing internal audits to ensure company-wide compliance with internal and external compliance requirements.
- Rolls out and maintains training and education for risk and compliance across the organization.
- Develops and maintains Elation’s security and compliance policy for dissemination to customers and prospects
- Manages and coordinates external vendor compliance review process
- Bachelor’s Degree or equivalent combination of relevant education and experience
- Minimum of 5 years of experience in GRC, compliance, or a relevant industry.
- Prior experience planning and leading external audits
- Track and remediate gaps to completion
- Knowledge and understanding of information risk/security principles and related industry standards, such as NIST, PCI, ISO 27001, and HIPAA/HITECH
- Bonus points for experience working with regulations pertaining to healthcare and healthcare IT compliance (21st Century Cures, CEHRT, Ryan Haight Act, etc.), international and local privacy regulations including GDPR and CCPA.
- Strong oral and written communication skills, with ability to bring clarity to complex needs and requirements
- Ability to effectively prioritize to support near term execution while balancing the long-term growth of the company
Salary: $130,000 – $155,000 USD