The Compliance Manager will have primary accountability for assisting in managing the organization's HIPAA Compliance Governance function. This role will work with business operations and technology partners to identify compliance risks within the governing laws, rules and regulations. This role will work across the enterprise to lead a full range of programs governing the company's compliance and privacy framework and execution. Serves as the Company's HIPAA Compliance Privacy & Security Officer.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Assists in developing, implementing and managing Compliance Programs, including privacy and data protection
- Performs as a subject matter expert on compliance matters.
- Monitors and communicates to stakeholders new and revised laws and regulations
- Develops and oversees audits to ensure compliance with state and federal laws, and regulation standards
- Develops and directs process for internal incident reporting
- Prepares and assists with presenting clear, accurate and timely reports on privacy and data protection risks, risk mitigation measures and compliance activities to key stakeholders, senior management, Operational Risk Committee and the Board of Directors
- Provides guidance to Departments/Business Units in the design and evaluation of privacy and data protection related tools and projects
- Oversees investigations and acts on reports or allegations of unethical/improper conduct
- Leads in the investigation of sentinel events, near misses, and significant adverse events
- Leads and/or participates in the development of root cause analyses as directed
- Ensures corrective action is issued when appropriate.
- Participates in client meetings and regulatory inspections for questions related to compliance matters, including privacy and data protection matters.
- Assists in developing, and reviewing annually, supporting compliance and Privacy policies, standards and procedures.
- Reviews and provides annual Compliance and Privacy course materials (internal Learning Management System tool).
- Performs other duties as assigned.
EDUCATION AND EXPERIENCE REQUIREMENTS:
- Bachelor's degree in related field
- 10+ years of HIPAA compliance and privacy experience preferred
- Deep understanding of HIPAA, HITECH and the Final Omnibus Rule regulations
- Ability to make decisions independently and clearly articulate them to a broad audience
- Excellent relationship-building skills; ability to consider multiple viewpoints
- Experience in performing data protection and privacy assessments against the relevant regulations
- Experience in assessing the impact of current/emerging data protection and privacy regulations on the organization
- Comprehensive knowledge of healthcare operations and management of an effective compliance and ethics program, including training, risk assessment, monitoring, auditing, investigating issues and addressing violations
- Demonstrated ability to present to various levels of leadership
- Ability to communicate effectively, verbally and in writing
- Excellent grammar, spelling and interpersonal skills
- Process oriented
- Certification of CHC, CHPC, CPHRM, CHPS, RHIT or RHIA preferred
- Experience in developing a compliance program
- Master's degree in Public Health, Healthcare Administration, or Bachelor's degree with ten years of experience working in the healthcare regulatory Compliance field