Compliance & Risk Management Specialist

ABOUT 10X HEALTH SYSTEM
10X Health System is a pioneering company at the forefront of the health and wellness industry, dedicated to revolutionizing the way individuals approach their personal health and well-being. With a philosophy rooted in the principle that optimal health is the foundation for a life lived to the fullest, 10X Health provides cutting-edge solutions and personalized health plans designed to empower individuals to achieve and maintain peak physical and mental performance.

The company's comprehensive approach to health combines the latest advances in medical science, nutrition, fitness, and technology to offer a suite of services that include state-of-the-art diagnostic testing, individualized treatment protocols, and ongoing support from a team of world-class health professionals. 10X Health's commitment to innovation and results has established it as a leader in the health optimization space, catering to those who strive to push the boundaries of what is possible in their health journey.

Compliance Program Oversight 

• Maintain and update 10X Health’s corporate compliance program, policies, and procedures
• Monitor developments in telehealth regulations, FDA guidance as it relates to healthcare, scope-of-practice laws, CLIA/licensure requirements for all clinics, and genetic privacy rules (e.g., GINA, CCPA/CPRA)
• Coordinate with legal, HR, regulatory, and product teams to ensure regulatory alignment across services and platforms
• Collaborate with the Director of Regulatory Affairs on claims substantiation workflows, asset approvals, and compliance documentation systems 

Risk Assessments & Audits 

• Conduct regular risk assessments and internal audits to evaluate adherence to applicable laws, standards, and internal policies
• Perform gap analyses and lead or support remediation efforts for identified risks
• Maintain audit logs, risk registers, and documentation required for regulatory readiness 

Privacy & Data Protection 

• Assist with the development and enforcement of HIPAA-compliant and state-specific privacy policies
• Implement and monitor data processing agreements (DPAs), data use policies, and third-party vendor practices for compliance
• Monitor consumer data rights requests and support privacy-related incident response 

Licensure, Credentialing & Operational Compliance 

• Track telehealth provider licensing and practice regulations across states
• Coordinate with the Director of Regulatory Affairs, who leads product and marketing claims compliance to ensure clinical and marketing practices comply with federal (FTC) and state marketing and advertising rules, as needed
• Support internal training and awareness programs for staff on compliance matters

• Deep understanding of healthcare privacy and compliance frameworks (e.g., HIPAA, CCPA/CPRA, GINA, GDPR, FTC guidance)
• Experience with telehealth, digital health, or wellness-based care models, including functional or integrative medicine
• Proven ability to conduct audits, lead risk assessments, and support remediation planning
• Familiarity with CLIA/CMS standards, multistate licensure tracking, and dietary supplement regulations
• Comfortable reviewing vendor practices, managing data processing agreements, and responding to privacy incidents
• Able to communicate regulatory requirements clearly and contribute to staff training efforts
• Experience interfacing with external legal counsel, regulatory agencies, and/or third-party auditors
• Comfortable working in fast-paced, scaling environments with evolving regulatory needs 

• 5+ years in healthcare compliance, legal, or regulatory affairs with direct experience in telehealth, digital health, or wellness-based care
• Bachelor’s degree in a relevant field required; advanced degree (JD, MPH, MBA, or similar) preferred
• Solid understanding of healthcare and privacy regulations and frameworks (CCPA/CPRA, GINA, FTC guidance, GDPR state telehealth laws)
• Exposure to health IT systems and security frameworks (e.g., NIST, HIPAA Security Rule)
• Experience operating or supporting privacy management platforms (e.g., OneTrust) 
• Certified in Healthcare Compliance (CHC), Certified Information Privacy Professional (CIPP/US), or similar credential preferred 

• Prolonged periods of sitting at a desk

Powered by JazzHR