Director of Compliance and Privacy
Summary of Position:
The Director of Compliance and Privacy is responsible for overseeing all compliance and privacy matters across the organization. This role includes evaluating, developing, implementing, maintaining, and ensuring adherence to company policies and procedures. The Director ensures the visibility and effectiveness of compliance programs throughout the organization, monitoring and driving compliance initiatives. Key responsibilities include overseeing compliance policies and procedures related to the privacy and security of patient information, ensuring the organization's adherence to federal, state, and local laws, with a primary emphasis on the Health Information Portability and Accountability Act (HIPAA). This position demands a comprehensive understanding of regulatory requirements and a commitment to maintaining the highest standards of compliance and privacy.
Duties & Responsibilities:
- Oversight of all compliance and privacy functions
- Monitors and coordinates the development and implementation of the corporate compliance program
- Ensures the company is compliant with HIPAA and return of information requirements, including monitoring legal changes to the relevant statutes and regulations
- Develops, implements, and maintains appropriate privacy and security related policies and procedures, and ensures their consistent application to all employees
- Conducts Security Risk Assessments (SRA) and/or Privacy Risk Assessments (PRA) as needed/required
- Oversight and development of all compliance and privacy training
- Administers the process for receiving, documenting, tracking, investigating, mitigating, and acting on all privacy or security complaints or non-compliance events in conjunction with human resources, other compliance officers, and legal counsel
- Collaborates with legal counsel and management to ensure the organization maintains appropriate privacy and confidentiality consent and authorization forms, as well as notices and materials that reflect current organizational and legal practices and requirements
- Oversees any responses necessary to third parties involving compliance and privacy (i.e., HHS or OCR)
- Oversight of all ongoing compliance investigations, action plans, interventions, root cause analyses, and incidents, including reporting to company leadership
- Oversees the management and operations of the Corporate Compliance Hotline
- Collaborates with employees at all levels of the company
- Supervises the Compliance Team and is responsible for ensuring the team meets its responsibilities
- Performs other duties as assigned to ensure effective operation of the department and the company
- Lives by and promotes Verisma company values
Minimum Qualifications:
- Bachelor’s degree required; Master’s degree or other advanced degree preferred
- Minimum of 7 years’ experience in advancing roles related to compliance and privacy for a healthcare organization
- Extensive knowledge of Health Information Management and HIPAA required
- Proven ability to define problems, collect and analyze data, draw conclusions, and influence decision-making through reporting and analytics
- Demonstrates strong written and verbal communication skills
- Maintains confidentiality and demonstrates trustworthiness
- Willingness to be accountable for business deliverables
- Excellent interpersonal skills, especially when dealing with clients, senior executives, sales teams, and business partners
- Must be willing to travel up to 50% of the time