Compliance Manager



Legal, Sales & Business Development
Posted on Tuesday, August 1, 2023

Healthcare needs good data. At PicnicHealth, we are building deep real-world datasets fueling cutting-edge research while giving patients control of their own medical record data. These complete, clinically-rich datasets produce unique insights — across dozens of diseases — to ultimately get the right treatments into patients’ hands faster. We do this by working directly with patients and leveraging state of the art machine learning to transform messy medical records into structured, research-ready datasets. To date we’ve helped tens of thousands of patients securely access their records and proactively contribute to advancing research in diseases that impacts their lives.

We raised $60 million in funding in a Series C in April 2022 led by B Capital Group. Our existing investors Felicis Ventures and Amplify Partners also joined the round, bringing the total we have raised to more than $100 million.

And we are just getting started! If you are looking to join an award winning, mission-driven, motivated team that is making a real impact across millions of people’s lives, PicnicHealth might just be the place for you.

The Opportunity

As the primary point for all things compliance and risk, you’ll have the opportunity to drive and implement the compliance strategy in a fast growing company that places great importance on maintaining the trust of our customers, partners, and regulators. You will be responsible for ensuring that PicnicHealth is compliant with governing regulation and protects our customer, user, and company information. You will nurture and protect a balanced culture of regulatory compliance, security awareness, and quality management by supporting and enabling strong risk analysis and practices throughout the company. You will provide leadership in maintaining appropriate policies, standards and practices for the entire company and ensure that we are in compliance with all applicable laws, directives, and policies regarding the security of information and quality practices. You will lead the operational processes for monitoring and maintaining compliance and security. You will report to the VP of Finance and work closely with our CTO, COO, CMO, and Product and Commercial Teams.

We are looking for someone who has a strong background in compliance and risk, preferably at a scaling technology start-up. Experience in healthtech is a bonus, but not required.

As the Compliance Manager, you will be responsible for:

  • Building and maintaining a compliance and information security program appropriate for PicnicHealth’s current business needs, stage and growth trajectory, with a focus of making compliance as seamless, effortless, and unobtrusive as possible for everyone at the company
  • Leading and overseeing internal and external audits and testing programs, gather and submit evidence, report risks, gaps, and proposed remediations to the management team
  • Developing and maintaining policies, procedures, standards, records, controls, and guidelines to manage risk and keep in good standing for Information Security, Quality Management System, and regulatory requirements that PicnicHealth is subject to, including Good Clinical Practice (GCP), HITRUST, ISO 9001, and relevant portions of CFR Title 21
  • Working across functions at the company as the expert and centralized authority on compliance, risk, and legal matters, partnering most closely with IT, commercial, research, product, and operations, advising the senior leadership team on impact across business strategy, programs, products, services, and operations
  • Managing and maintaining IRB relationships and submissions to ensure speed and success for PicnicHealth’s research studies
  • Supporting commercial team to close deals through building trust with partners — promptly and effectively completing vendor assessments and audits, and proactively productizing trust in PicnicHealth’s security, compliance, and regulatory posture

You are a strong candidate if you are:

  • Have at least 5 years experience in compliance and risk
  • Familiar with compliance frameworks and regulations that govern PicnicHealth (e.g. CFR 21, HIPAA, HITRUST, GCP, ISO 9001, ISO 27001, NIST, CCPA, SOC);
  • Have an ability to communicate complex or detailed technical topics with a variety of technical and non-technical audiences, clearly conveying risk assessments, actions needed, and cost implications.
  • Know how to scale with an organization and won’t let systems, processes or technology get stale when a company outgrows them;
  • Have an entrepreneurial spirit and crave a high-growth, fast-paced environment where you can innovate and help build a disruptive business.

Bonus Points if you have:

  • Experience working in Life Sciences/Pharma with a passion for improving the healthcare system and patients’ lives
  • Enterprise SaaS experience: You’ve worked for an enterprise software-as-a-service company previously
  • Start-up experience: You have worked in a small, high-growth company

We expect all team members to be motivated to be amazing in their roles and, ultimately, to move the PicnicHealth mission forward.

Perks & Benefits @PicnicHealth

At PicnicHealth you get to solve real problems with real solutions, great tech, and great people.

We’re a remote first company, with teammates spread across the US. We aim for quarterly in-person gatherings, expect to travel up to 4 times a year. For our team members in the Bay Area we can offer a hybrid set up to work from the SF office on a flexible schedule.

You also get:

  • Competitive salary
  • Comprehensive benefits including above market Health, Dental, Vision
  • Family friendly environment
  • Flexible time off
  • 401k plan
  • Free PicnicHealth account
  • Equipment and internet funds for home office set up

Equal Opportunity Statement

PicnicHealth is committed to promoting an inclusive work environment free of discrimination and harassment. We value a diverse and balanced team where everyone can belong.