Chief Privacy and Compliance Officer

Blue Shield of California • California, United States, US • 3w ago

Job Description

The Stellarus Compliance function oversees and promotes compliance across the company with a focus on compliance with privacy laws, compliance with relevant healthcare and other federal and state regulations, along with company compliance policies and requirements. The Chief Privacy and Compliance Officer will report to the Stellarus CEO along with dotted line reporting to the Stellarus VP, Chief Legal Officer. As the company’s first Chief Privacy and Compliance Officer, you will design and lead a comprehensive privacy and compliance program tailored to a fast-moving technology startup environment. You will play a hands-on role in ensuring that our health technology platform and digital health plan solutions comply with healthcare regulations (e.g., HIPAA, HITECH, CCPA) and internal compliance and ethical standards—without slowing down innovation. This role blends strategic oversight, cross-functional collaboration with leaders in the company and the ability to execute quickly and build sound a compliance program and operational processes from the ground up. Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow – personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

Responsibilities

Oversee Privacy, Regulatory Compliance and Data Governance

Act as the company’s Privacy Officer and Compliance Officer.
Establish privacy policies, procedures, and data use governance aligned with HIPAA, HITECH, CCPA, and similar U.S. regulations.
Partner with Product, Engineering, IT Security, and other teams to embed privacy into the product lifecycle.
Participate in privacy impact assessments, incident response planning, and data breach mitigation efforts.
Monitor the evolving regulatory landscape and maintain organizational readiness. Compliance Program Leadership
Build and operate a scalable compliance program suited for a growing tech organization including key compliance policies and processes.
Develop and deliver compliance training and awareness programs.
Manage and ensure internal and external audit readiness (e.g., HIPAA audits, SOC 2, HITRUST).
Manage and ensure third-party compliance with data handling standards.

Executive Strategy & Operations

Advise the Board, CEO and Executive Leadership team on privacy and compliance risks, regulatory trends, and operational requirements.

Provide practical, business-focused guidance to enable compliant innovation.

Develop metrics, internal and external reporting and dashboards that demonstrate the effectiveness of the privacy and compliance program.

Represent the company in Compliance and regulatory interactions and industry forums, where applicable.

About The Team

About Stellarus and the Ascendiun Family of Companies

Stellarus, launched in January 2025, is designed to scale innovative healthcare solutions that support customers in creating a health care experience deserving of their family, friends, and neighbors.

Stellarus is part of a family of organizations that is overseen by a nonprofit corporate entity named Ascendiun. The Ascendiun Family of Companies also includes Blue Shield of California and its subsidiary, Blue Shield of California Promise Health Plan and Altais, a clinical services company.

Stellarus’ vision is to empower its customers to create a healthcare experience that is worthy of their family, friends, and neighbors. Stellarus’ objective is to offer innovative, modern, scalable solutions that challenge the health care status quo. This very closely aligns with Blue Shield of California’s vision by using innovation to improve quality, affordability, and experience for members.

To achieve our mission, we foster an environment where all employees can thrive and contribute fully to address the needs of the various communities we serve. We are committed to creating and maintaining a supportive workplace that upholds our values and advances our goals.

Our Values:

At Stellarus, our core values of agility, trust, drive, courage and service shape our approach to developing innovative product offerings.

Our Workplace Model:

At Stellarus and the Ascendiun Family of Companies, we believe in fostering a workplace environment that balances purposeful in-person collaboration with flexibility. As we continue to evolve our workplace model, our focus remains on creating spaces where our people can connect with purpose – whether working in the office or through a hybrid approach – by providing clear expectations while respecting the diverse needs of our workforce.

Two Ways of Working:

Hybrid (Default): Work from a business unit-approved office at least two (2) times per month (for roles below Director-level) or once per week (for Director-level roles and above).Exceptions:
Member-facing and approved out-of-state roles remain remote.
Employees living more than 50 miles from their assigned offices are expected to work with their managers on a plan for periodic office visits.
For employees with medical conditions that may impact their ability to work in-office, we are committed to engaging in an interactive process and providing reasonable accommodations to ensure their work environment is conducive to their success and well-being.
On-Site: Work from a business unit-approved office an average of four (4) or more days a week.

Physical Requirements:

Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.

Please click here for further physical requirement detail.

Equal Employment Opportunity:

External hires must pass a background check/drug screen. Qualified applicants with arrest records and/or conviction records will be considered for employment in a manner consistent with Federal, State and local laws, including but not limited to the San Francisco Fair Chance Ordinance. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or disability status and any other classification protected by Federal, State and local laws.