Director Compliance and Risk

Get AI-powered advice on this job and more exclusive features. Base pay range $145,000.00/yr - $160,000.00/yr Additional compensation types Annual Bonus About Us Arora Health & Aesthetics is a fast-growing company that helps wellness and telehealth practices grow their business. Physician-led and patient-centered, we provide the team, technology, and tools clients need to deliver care with confidence. Whether it’s peptides, aesthetic treatments, weight loss, hormone therapies, or regenerative medicine, our platform makes it safe, simple, and scalable. Our clients rely on us to help them navigate complex regulations, launch and maintain compliant services, and streamline operations in an ever-evolving industry. We are seeking an experienced and highly organized Director of Compliance and Risk to build a strong foundation for compliance and adherence for both Arora and our clients. Position Summary As the Director of Compliance and Risk , you will serve as the designated compliance officer responsible for developing, implementing, and overseeing the company's comprehensive compliance program, including both daily operations and long-term strategy. You'll ensure adherence to all state and federal regulations, keeping Arora and our clients compliant as the landscape evolves and laws change. This role involves managing medical oversight and internal audits, developing and enforcing compliance policies, ensuring all provider credentialing and licensing are current, and delivering essential compliance training. A key part of your responsibility will also be to proactively monitor and manage compliance risks and incidents, working closely with executive leadership and third-party partners to uphold the highest standards of regulatory integrity. Key Responsibilities Compliance Leadership & Strategy Serve as the company’s internal compliance lead, managing day-to-day oversight and long-term planning Act as liaison to third-party compliance partners (e.g., HCP) to ensure coordination, visibility, and execution of shared compliance responsibilities Lead quarterly compliance reviews and submit reports to the CEO and executive leadership Interpret and implement state and federal regulatory changes, including CPOM, HIPAA, DEA, FDA, telehealth laws, LegitScript, and maintain a comprehensive regulatory change management system Medical Oversight & Audits Develop and implement a risk-based audit program to systematically review medical records, provider documentation, GFEs, and EMR compliance, including establishing audit criteria, schedules, and reporting mechanisms Monitor Good Faith Exam protocols to ensure they meet internal standards and state-specific telehealth laws Implement chart review processes for our provider network (10% sample or as required) Collaborate with medical directors/GFE providers to assess quality and regulatory risks within affiliated clinics Policy & Procedure Development Develop, update, and enforce compliance policies, including SOPs for new services (e.g., GLP-1s, peptides, IV therapy) in partnership with outside counsel Draft and maintain organizational compliance manuals, provider credentialing policies, and clinical oversight structures Oversee conflict of interest disclosures, grievance processes, and corrective action plans Credentialing, Licensing & Certification Ensure all provider licenses, DEA registrations, and state credentials are up to date and documented Help guide LegitScript Certification process with clients, coordinating with internal departments and external partners Compliance Education Conduct necessary training required for medical and non medical staff on team Work with HCP to provide onboarding compliance modules for new clinics and staff Monitor compliance hotline reports, investigate issues, and develop mitigation strategies Perform risk assessments and create incident tracking and resolution systems Qualifications Bachelor's degree in Healthcare Administration, Business, Legal studies or related field. Certifications in Healthcare Compliance (CHC) or Healthcare Privacy Compliance (CHPC) 5+ years of experience in healthcare compliance, regulatory affairs, or risk management —ideally in a healthcare, med spa, wellness, or telemedicine setting. Extensive experience in developing, implementing, and managing comprehensive compliance programs, preferably within the healthcare or telehealth industry. Deep expertise in state and federal healthcare regulations, including CPOM, HIPAA, DEA, FDA, and telehealth laws. Proven track record in conducting and overseeing medical record audits, provider documentation reviews, Good Faith Exam (GFE) protocols, and EMR compliance. Experience in policy and procedure development, including drafting SOPs, compliance manuals, and clinical oversight structures. Demonstrated ability to manage provider credentialing, licensing, and DEA registration processes, with a keen eye for detail and strong organizational skills. Experience in developing and delivering compliance training to diverse staff (medical and non-medical). Strong background in risk assessment, incident management, investigation, and the development of effective mitigation strategies. Excellent leadership, communication, and interpersonal skills for liaising with executive leadership, medical directors, external partners, and staff. Exceptional analytical and problem-solving abilities to interpret complex regulations and develop practical solutions. Nice to Have Master’s degree in Healthcare Administration, Business, or Legal studies. Experience working with telehealth services or weight loss programs. Familiarity with the LegitScript Certification process. Knowledge of compliance issues related to GLP-1s, online prescribing, or remote patient monitoring. Perks and Benefits Fully remote work with flexible hours Collaborative, fast-moving team environment Exposure to a high-growth sector with opportunities to expand your role $500/month stipend for insurance 2 Weeks PTO after 30 days of employment 10 paid company holidays #J-18808-Ljbffr