Compliance Architect

About Fountain Life
Fountain Life is redefining preventative and longevity-focused healthcare through advanced diagnostics, AI-powered insights, and world-class medical expertise. Our mission is to detect and prevent disease before symptoms arise — enabling members to live longer, healthier, peak-performance lives.

To learn more, visit www.fountainlife.com.

We are healthcare, reimagined.

As the Compliance Architect at Fountain Life, you build the foundation that allows innovation to flourish safely. While we push the boundaries with AI-driven diagnostics and personalized medicine, you ensure we protect the members who trust us with their health data.

You partner with engineers developing patient-facing AI tools, turning HITRUST, HIPAA, and GDPR requirements into frameworks our 200-person team can execute. Your work accelerates trust, opens markets, and protects our mission. You're building this program from the ground up—the architect, not just the auditor.

Own Our Regulatory Foundation

·  Manage our HITRUST r2 certification program end-to-end, from evidence collection to external assessor coordination

·  Build and maintain our HIPAA compliance program across all clinical and operational systems

·  Design compliance frameworks that enable international expansion with GDPR readiness

Pioneer AI Governance in Healthcare

·  Partner with engineering to establish governance for patient-facing AI diagnostic tools

·  Develop controls addressing algorithmic bias, model explainability, data leakage, and patient safety

·  Integrate compliance into product development workflows

·  Prepare for EU AI Act

Build Cross-Functional Trust

·  Advise executive leadership on risk and regulatory strategy

·  Translate regulations into clear guidance that enables teams

·  Deliver HIPAA and security awareness training

·  Manage compliance incidents with urgency and discretion

Key Responsibilities

·  Manage HITRUST r2 certification: scoping, controls, evidence, and assessor coordination

·  Maintain HIPAA Security Rule, Privacy Rule, and Breach Notification compliance

·  Create AI risk assessment frameworks integrated into product development

·  Conduct third-party vendor due diligence and risk assessments

·  Develop data protection frameworks satisfying HIPAA and GDPR

·  Conduct quarterly internal audits and gap assessments

·  Monitor regulatory changes and adapt programs proactively

Required

·  5-8 years compliance experience in healthcare, health tech, or medical devices

·  Direct HITRUST r2 certification management experience (non-negotiable)

·  Expert knowledge of HIPAA Security Rule, Privacy Rule, and HITRUST CSF r2

·  Experience implementing HIPAA compliance in cloud-based healthcare environments

·  Track record working with engineering teams in product-driven organizations

·  Ability to build compliance programs independently with minimal oversight

·  Strong understanding of cloud security architecture (AWS, Azure, or GCP)

·  Working knowledge of AI/ML systems and patient-facing AI diagnostic risks

·  Foundational understanding of GDPR and international privacy regulations

Preferred

·  HITRUST CCSFP, CISA, CISSP, CRISC, CISM, CIPP/US, CCEP, or CRCM certifications

·  Experience with ISO 27001, NIST Cybersecurity Framework

Core Competencies

·  Technical fluency to work directly with engineers and translate regulatory requirements

·  Strategic risk thinker who balances compliance rigor with business needs

·  Clear communicator to both technical teams and executive leadership

·  Self-directed with strong ownership and initiative

·  Collaborative partner seen as innovation enabler, not blocker

·  Calm under pressure during audits, incidents, and regulatory situations

What Success Looks Like in Year One

·  Complete HITRUST r2 re-certification with zero major findings

·  Build trusted advisor relationships with Engineering, Product, and Executive teams

·  Create comprehensive compliance documentation accessible to all teams

·  Develop GDPR readiness roadmap for international expansion

·  Position compliance program for scale as we grow

As the Compliance Architect, you'll:

·  Build a compliance program for one of healthcare's most innovative models

·  Work on emerging challenges at the intersection of healthcare AI and patient privacy

·  Protect 8,000 members while enabling life-changing healthcare innovation

·  Grow into leadership as our first compliance hire when we scale globally