
About this role
The Stellarus Compliance function oversees and promotes compliance across the company, with a focus on privacy laws, relevant healthcare and other federal and state regulations, and company compliance policies and requirements. The Chief Privacy and Compliance Officer will report to the Stellarus CEO, with dotted-line reporting to the Stellarus VP, Chief Legal Officer. As the company’s first Chief Privacy and Compliance Officer, you will design and lead a comprehensive privacy and compliance program tailored to a fast-moving technology startup environment. You will play a hands-on role in ensuring that our health technology platform and digital health plan solutions comply with healthcare and privacy regulations (e.g., HIPAA, HITECH, CCPA) and with internal compliance and ethical standards, without slowing down innovation. This role blends strategic oversight, cross-functional collaboration with leaders across the company, and the ability to execute quickly and build a sound compliance program and operational processes from the ground up. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow personally, professionally, and financially. We are looking for leaders who are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.
Oversee Privacy, Regulatory Compliance and Data Governance
• Act as the company’s Privacy Officer and Compliance Officer.
• Establish privacy policies, procedures, and data use governance aligned with HIPAA, HITECH, CCPA, and similar U.S. regulations.
• Partner with Product, Engineering, IT Security, and other teams to embed privacy into the product lifecycle.
• Participate in privacy impact assessments, incident response planning, and data breach mitigation efforts.
• Monitor the evolving regulatory landscape and maintain organizational readiness.
Compliance Program Leadership
• Build and operate a scalable compliance program suited for a growing tech organization including key compliance policies and processes.
• Develop and deliver compliance training and awareness programs.
• Manage and ensure internal and external audit readiness (e.g., HIPAA audits, SOC 2, HITRUST).
• Manage and ensure third-party compliance with data handling standards.
Executive Strategy & Operations
• Advise the Board, CEO and Executive Leadership team on privacy and compliance risks, regulatory trends, and operational requirements.
• Provide practical, business-focused guidance to enable compliant innovation.
• Develop metrics, internal and external reporting and dashboards that demonstrate the effectiveness of the privacy and compliance program.
• Represent the company in compliance and regulatory interactions and industry forums, where applicable.