Director, Compliance and Risk

The Director of Compliance and Risk provides senior-level leadership and strategic oversight of the organization’s risk management activities, Compliance Program requirements, and regulatory compliance. This role promotes compliance with all federal and state healthcare regulations, maintains a strong culture of ethical behavior, and safeguards patient information to improve operations. 

This is a hybrid position, with flexibility to come to our Mountlake Terrace office one day per week. The Director of Compliance and Risk will also travel to Kinwell clinics as needed. 
 
What you’ll do: 
 

Compliance, Risk, Privacy and Ethics Leadership 

• Serve as Kinwell’s Compliance & Ethics Officer and Privacy Official. 

• Provide strategic guidance to executive leadership and the Board on emerging regulatory trends, enforcement risks, and organizational compliance posture. 

• Promote organizational values and ensure compliance with legal and regulatory requirements. 

• Manage and mentor the Compliance team, ensuring alignment with organizational standards and expectations. 

• Develop and implement enterprise-wide compliance strategies, training, and communication programs. 

• Present compliance updates to executive leadership. 

• Serve as a liaison with external partners, including legal counsel, regulatory bodies, accreditation entities, and major stakeholders such as Premera. 

• Lead risk assessments, audits, investigations, and corrective action plans. 

• Maintain expertise in privacy laws (HIPAA/HITECH), enforcement trends, and internal controls. 

• Oversee compliance and privacy initiatives, including coding audits and incident management. 

• Manage privacy incidents, breaches and reporting obligations; conduct HIPAA risk assessments. 
   

Risk Management 

• Identify, evaluate, and reduce risks that may impact patient safety, clinical quality, or organizational operations. 

• Serve as the primary liaison for Internal Audit and ensure robust internal controls, risk mitigation strategies, and audit readiness across the enterprise. 

• Partner with operational and clinical leadership to strengthen processes, close gaps, and support strategic initiatives that improve safety, efficiency, and quality outcomes. 

• Conduct complex risk analyses, clinical risk reviews, and systemwide trend assessments to proactively identify and mitigate high-impact threats to patient safety and organizational operations. 

• Direct incident reporting systems, root-cause analyses, and corrective action implementation to drive high reliability and continuous improvement. 

• Partner with operational and clinical leadership to strengthen processes, close gaps, and support strategic initiatives that improve safety, efficiency, and quality outcomes. 

• Prepare risk assessments and present risk exposure trends to executive leadership and the Board. 
   

Cross-Functional Collaboration 

• Chair and oversee the Compliance Committee governance, including planning, facilitation and follow-up activities. 

• Establish and maintain a strategic partnership with the IT and Information Security teams to ensure alignment across regulatory compliance, data protection, and enterprise risk management initiatives. 

• Serve as a primary liaison to Premera Blue Cross, ensuring alignment on compliance programs, regulatory requirements and risk management strategies. 

What you’ll bring: 

• Bachelor’s degree or equivalent work experience. 

• Ten years of progressive experience in privacy and/or compliance roles. 

• Six years of experience leading a compliance, regulatory, or privacy program in a healthcare delivery organization. 

• Experience in program creation and implementation within a matrixed environment. 

• Demonstrated ability to provide leadership and oversight to non-technical operational functions, including cross-functional teams. 

• Demonstrated knowledge of healthcare compliance and privacy obligations. 

• Strong business acumen and ability to oversee operational functions without deep technical expertise. 

• Excellent interpersonal, public speaking, and written communication skills. 

• Ability to communicate complex information to all levels of the organization. 

• Proven ability to develop effective cross-functional relationships, including senior leadership and technical teams. 

• Ability to develop strategy, lead change, and manage efficient operations 

• Certified in Healthcare Compliance. (CHC) (Preferred) 

• Experience in high-level operational oversight of IT, digital operations, or data-governance functions. (Preferred) 

Working Environment 
 

Performed in a standard office environment. Occasional travel required within Kinwell’s service area. 
 

Physical Requirements 

•  This is primarily a sedentary role with prolonged periods of sitting at a desk and working on a computer.   

• This role requires the ability to use a keyboard and computer for extended periods of time and to communicate clearly and understandably in person and over the telephone.    

• Ability to lift or carry items weighing up to 10 pounds.