Compliance Analyst

About Us

Planet DDS is a dynamic and rapidly growing dental software company, serving over 13,000 practices across the United States with over 118,000 users. The company delivers a complete platform of cloud-based SaaS solutions for dental practices, including Denticon Practice Management, Apteryx Imaging, Cloud 9 Ortho Practice Management, and Legwork Patient Relationship Management. Planet DDS is committed to creating value for its dental practice clients by solving the most urgent challenges facing today’s dental practices.

A compliance analyst works collaboratively across the company to ensure our business operations and procedures comply with legal/regulatory requirements and external standards we have identified as important for our business and internal policies.

In this position, you will perform a range of duties including evaluating all current and new compliance regulations, reviewing company processes, and leading training sessions. The successful compliance analyst will understand that compliance is a team sport and that there are multiple avenues to demonstrate compliance. This requires excellent communication skills, ability to digest the latest industry and regulatory requirements, a flexible thought process, and the desire to understand risks at every layer of the tech stack.

This is a hybrid role working 2x per week in one of our office locations (Irvine, CA | Phoenix, AZ | Atlanta, GA | Akron, OH)

Job Duties

• Ensure Regulatory Compliance
• Support compliance initiatives specific to relevant regulations and frameworks for our business, including SOC2/Trust Services Criteria for emphasizing security, availability, confidentiality, and privacy, HIPAA Security and Privacy, and ISO 13485/FDA Medical Device compliance.
• Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.
• Collaborate with legal and IT teams to create and update policies and procedures that align to compliance requirements and industry best practices.
• Communicate policies to relevant stakeholders and track acknowledgements.
• Conduct Risk Assessments and Plan Mitigation
• Conducts risk assessments related to ISO 13485, ISO 27001, and SOC 2.
• Identifies vulnerabilities, threats, and potential compliance gaps.
• Develops strategies to mitigate risks and enhance compliance.
• Collaborate with IT, Product, and Engineering team to refine remediation requirements and build roadmaps.
• Audits and Risk Assessments
• Plan and conduct risk assessment activities, including annual risk assessment and those needed to assess new or emerging risks.
• Identify vulnerabilities, threats, and potential compliance gaps.
• Develop strategies to mitigate risks and enhance compliance.
• Plan and conduct quarterly internal audits; document gaps.
• Address findings, coordinate appropriate corrective action plans with appropriate owners, track status of corrective actions.
• Assist in preparing for ISO 13485 and SOC 2 assessments.
• Conduct Data Security and HIPAA Breach risk assessments; collect evidence and gather information to enable reporting to third parties including clients and authorities as appropriate based on the risk assessment.
• Training and Awareness
• Educate employees on compliance requirements.
• Conduct training sessions related to ISO and SOC 2 as required; track attendance and successful completion.
• Promote a culture of proactive security, privacy and compliance within the organization.
• Documentation and Reporting:
• Maintain accurate records of compliance activities.
• Prepare registration materials and reports for management and regulatory bodies.
• Track progress toward compliance goals.
  

Skills & Qualifications

• 2 or more years of experience in compliance-focused roles, experience with IT, cybersecurity and data privacy third-party compliance assessments, including any of the following: ISO 27001, SOC2/Trust Services Criteria, HIPAA, HITECH and/or PCI.
• Familiarity with medical device compliance regulations is a plus, including any one of the following: ISO 13485, U.S. FDA, Health Canada, and MDSAP.
• An analytical mindset with excellent organizational skills
• Passion for details and consistency
• Strong collaboration and communication skills
• Excellent time management skills that allow you to handle simultaneous audits
• Ability to work in a fast-paced environment with minimal supervision.
• Sense of ownership and pride in your performance and its impact on the company’s success
• An inquisitive nature
  
  

PLANET DDS CORE IDEOLOGY

Why are we here?

Unleashing dentists and their staff to focus on patient care.

Where are we headed?

In the next 5 years, Planet DDS will remain the leading provider of cloud-based technology solutions in North America, expanding to serve more than 25,000 dental practices.

How do we get there?

To encourage measurable progress toward our vision and make the best decisions on behalf of employees and customers, we adopted a set of common values:

Collaborative – Working independently and across teams, we create scalable solutions to enable company growth

Empathetic – We are educated on the experience of our customers and feel vested in their success

Accountable – We feel ownership for the quality of our work and take pride in the positive outcomes

Trustworthy – We operate with integrity and honest, making promises we know that we can keep

Ambitious – We are driven by our ability to make a long-term, positive impact on the lives of dental market leaders