Director, Compliance

About the Role

We're growing our Compliance team and looking for a talented Compliance Director to own and scale this critical function. Reporting to the Deputy General Counsel and partnering closely with the General Counsel and the broader Legal team, you will be the day-to-day leader of Blink's Compliance Program across a fast-paced, highly regulated business that spans pharmacy operations, pharmaceutical manufacturer programs, network pharmacies, and patient-facing digital products. 

This is a hands-on, high-ownership role. In addition to setting compliance strategy, you will run the program's operating engine: privacy and HIPAA compliance, incident investigation and remediation, audits and certifications, regulator and consumer complaints, screening and integrity controls, training, and policy development. You'll work shoulder-to-shoulder with Legal, Information Security, Pharmacy Operations, Data/Engineering, and People teams, and you'll have meaningful room to shape the role as Blink continues to grow.

What You’ll Do

Compliance program leadership

• Own, advance, and champion Blink's enterprise Compliance Program, including the code of conduct, conflicts-of-interest, gifting, and whistleblower/reporting frameworks.
• Lead the established compliance operating cadence (including weekly compliance reviews and the compliance committee), maintaining clear action items, accountability, and follow-through.
• Provide periodic reports to the Deputy General Counsel and General Counsel on the nature, progress, and status of the program and emerging risks.

Privacy & HIPAA

• Own the HIPAA compliance program — policies, procedures, authorizations, revocation processes, and recordkeeping — keeping it current and continuing to strengthen it as the business and regulations evolve.
• Maintain and enhance the practical guardrails and job aids that help Data, Engineering, and IT teams handle PHI correctly (e.g., approved-vs-not-approved platforms for PHI, data-governance guidance, BAA tracking with vendors).
• Monitor and operationalize evolving privacy and consumer-protection requirements, including HIPAA, FTC, and state privacy laws.

Investigations, incidents & remediation

• Investigate and document potential compliance and privacy concerns, including HIPAA incidents and unauthorized-disclosure events, and partner with stakeholders to develop and execute remediation, coaching, and corrective-action plans.
• Manage intake and response for medical-records and legal-process requests in coordination with Legal Operations.

Audits & certifications

• Cooperate with internal and external auditors and reviewers, and lead Blink's responses to security and compliance audits and certifications (e.g., SOC 2, HITRUST) and to client/partner audits of Blink.
• Support responses to regulator and state Attorney General inquiries in partnership with Legal.

Consumer & patient matters

• Manage consumer and patient complaints, patient requests to access or delete information and other privacy-rights requests, and state Attorney General consumer-protection complaints, escalating to Legal where matters become formal enforcement.

Screening & integrity controls

• Administer Blink’s exclusion and sanctions screening program (OIG/SAM/OFAC), including supporting screening-tool implementation and the investigation of potential screening hits, in partnership with the People team.

Pharmacy & program compliance

• Partner with Pharmacy Operations and Clinical teams on quality and error-handling processes (e.g., fulfillment-error review, clinical templates and calibration) and support adverse-event reporting and pharmacovigilance policy.
• Support compliance for patient-assistance and manufacturer-sponsored programs, including enrollment/unenrollment processes.

Training, policies & culture

• Oversee compliance education and training for all Blink employees, including developing training content and curricula. 
• Collaborate cross-functionally to determine, document, and implement policies and standard operating procedures that support a culture of compliance.
• Support special projects and broader Legal team initiatives as the team and company grow.

What You'll Bring

• Bachelor’s degree required.
• 8+ years of experience in compliance, legal, privacy, or risk-management roles, preferably in healthcare, pharmacy, or the pharmaceutical supply chain. 
• Strong working knowledge of HIPAA and health-information privacy, and familiarity with FTC and state privacy/consumer-protection laws; understanding of Medicare, medical reimbursement, and third-party payor regulations.
• Hands-on experience running compliance operations — investigations and incident response, policy and SOP development, training, and recordkeeping.
• Experience supporting audits and security/compliance certifications (e.g., SOC 2, HITRUST) and responding to client, regulator, or Attorney General inquiries is strongly preferred.
• Familiarity with OIG/SAM/OFAC exclusion and sanctions screening, and with compliance tooling (e.g., screening and compliance-management platforms).
• Strong analytical skills with the ability to assess complex compliance risks and propose practical, business-minded solutions.
• Excellent oral and written communication skills, including with senior management, and the ability to distill complex concepts into simple, usable guidance.
• Strong organizational skills and attention to detail, with the ability to manage many concurrent workstreams and deliver on time.