Job Title: Compliance Specialist

About PHIflow

Founded in early 2018, PHIflow is a data and technology company combining artificial intelligence and legal expertise to help companies understand their HIPAA Business Associate Agreement (BAA) risks and requirements. Our founders have deep experience in healthcare, technology and strategy.  We’re looking for energetic and resourceful team members to help shape our company’s culture and join us on our exciting journey. 

Essence of the Role

PHIflow is looking to hire a Compliance Specialist to provide support as a subject matter expert on HIPAA, privacy laws and regulatory requirements and interpretation of those laws specifically as they apply to HIPAA Business Associate Agreements (BAAs).We are looking for an experienced compliance professional who is interested in taking an innovative approach to HIPAA compliance and data security regulations; someone who understands the regulatory compliance landscape and feels that it can be managed better. The ideal candidate will take a hands-on role working alongside PHIflow’s leadership, legal and product teams. This position will report directly to the Chief Operating Officer.


  • Maintains current knowledge of HIPAA/HITECH/BAA Privacy Rule Standards and other privacy laws, regulations, requirements and best practices
  • Develops and maintains process for reviewing BAAs on a regular basis to ensure compliance with HIPAA and privacy laws and changing regulations
  • Works closely with the Product, Development, Marketing, Customer and other teams to coordinate review of BAAs
  • Develops and disseminates educational materials to support internal and external teams in effective management of BAAs
  • Identifies high-risk situations in the area of privacy compliance and BAAs
  • Hire, train and retain a support team of other Compliance Specialists
  • Partner with outside counsel on various HIPAA and other privacy matters


This role is best suited for someone with at least 3 years of hands-on healthcare compliance experience, specifically in Health Information Privacy. Experience reading and reviewing BAAs is required. Experience with Office of Civil Rights’ (OCR) HIPAA Privacy and Security Audit Program is a plus.This candidate has deep understanding of the 2013 Omnibus Final Rule and is up to date on HITECH changes.Law degree or legal coursework is a plus, but not required. Successful complete of undergraduate studies is required.

Why this Role is Compelling

As a startup, all PHIflow team members wear many hats. We expect that the Compliance Specialist will as well. This role offers the chance to take part in a very unique and innovative entrepreneurial journey. We are building a diverse team to help us on our mission, where each individual will be a valuable contributor. We value professional development and learning, having an open mind, teamwork and striking the proper Life-Work balance.

PHIflow is an equal opportunity employer and offers salaries commensurate with qualifications and experience, complemented by competitive benefits for all employees. The Compliance Specialist role is a full-time position and will be eligible for performance bonuses and stock options based on performance. Position start date is ASAP.

How to Apply

Email a copy of your resume to: apply@phiflow.cowith “Compliance Specialist –Your Name” in the subject line. In the body of the email, please introduce yourself and reference how and where you found our Job Description. Please be willing to provide professional references upon request.

This position has been filled. Would you like to see our other open positions?