VP, CYBER & TECHNOLOGY RISK (Remote)
Circle Medical - San Francisco
Overview
Circle Medical is the fastest-growing telemedicine provider in the US and has seen incredible growth of over 100% per year over the past three years. Circle Medical is a venture-backed Y-Combinator healthcare startup on a mission to bring quality, delightful primary care to everyone on the planet. Built by top-tier physicians, engineers, and designers, our medical practice and underlying technology have pioneered how people find and receive care.
More about us can be found on our website.
The VP, Legal, Risk & Compliance is a key member of the Executive Team, responsible for building and maintaining a robust risk and compliance infrastructure tailored to the unique demands of a virtual healthcare company. This role ensures adherence to federal and state telehealth regulations, digital privacy laws, and evolving reimbursement policies. The Executive leads enterprise risk, legal compliance, privacy, and security efforts while fostering a culture of ethical decision-making, transparency, and operational accountability in a distributed, technology-driven care model.
- Lead the development and integration of a comprehensive enterprise risk and compliance strategy aligned with the organization's mission, legal obligations, and industry best practices
- Advise executive leadership and board committees on emerging risks, legal requirements, and ethical considerations
- Build and lead high-performing teams responsible for legal, compliance, audit, privacy, ethics, and enterprise risk
VIRTUAL CARE COMPLIANCE
- CMS telehealth billing and reimbursement rules
- Office of Civil Rights (OCR) guidance for virtual care under HIPAA
- Maintain policies and procedures aligned with the rapidly evolving virtual care regulatory landscape
- Partner with legal and clinical leadership to ensure virtual clinical workflows meet standard-of-care requirements
PRIVACY AND DATA PROTECTION
- Lead incident response planning for privacy breaches, including patient notification and regulatory reporting
- Collaborate with IT and cybersecurity teams to ensure secure data storage, access controls, encryption, and third-party vendor compliance
- Monitor risks associated with cloud-based platforms, mobile apps, wearables, and remote patient monitoring technologies
ENTERPRISE RISK MANAGEMENT
- Identify and assess clinical, reputational, legal, and technological risks unique to virtual care delivery
- Implement risk mitigation strategies across the organization, including provider performance, data integrity, platform reliability, and patient safety
- Ensure scalable risk practices across all service lines, geographic locations, and vendor networks
REGULATORY AND CLINICAL AUDIT OVERSIGHT
- Establish audit procedures for virtual care delivery, clinical documentation, billing accuracy, and digital prescribing
- Ensure compliance with payer and CMS standards to minimize denial and audit risk
- Report key risks and compliance trends to executive leadership and board committees
- Promote an ethical, inclusive, and compliant culture across a remote and geographically dispersed workforce
- Maintain a confidential reporting mechanism for compliance concerns
- Lead ongoing education and training programs around ethics, virtual care regulations, and patient safety
BUSINESS CONTINUITY AND TECHNOLOGY RISK
- Develop business continuity and cyber incident response plans tailored to digital operations
- Ensure continuity of care and secure communications in the event of platform downtime or security breach
- Review third-party vendor and software risks related to video, chat, and remote care platforms
Graduate degree in Law (JD), Healthcare Administration (MHA), Public Health, or a related field required
Minimum of 10 years of progressive experience in healthcare compliance or enterprise risk, with at least 3 to 5 years in digital health or virtual care
S. telehealth regulations, payer billing rules, data privacy laws, and clinical operations
Experience working in a public or venture/private equity-backed company
Certified Professional in Healthcare Risk Management (CPHRM)
Telehealth Certification or relevant continuing education in digital health law
Familiarity with technology and cloud-based sys