Providence Technology Solutions is seeking a Compliance, Privacy, and Ethics Manager for a client in Jacksonville, FL. This is a permanent position.
The Compliance, Privacy and Ethics Manager will assist the Chief Compliance Officer as the company subject matter expert on the Code of Conduct, and on regulations applicable to client’s business operations, especially CAQH CORE, HIPAA and state privacy and security regulations. This role is responsible to ensure enterprise-wide regulatory compliance and oversees the Company mandatory compliance and ethics training program. Additional responsibilities include collaboration with the company’s separate audit function to establish mechanisms for monitoring and auditing key compliance indicators, and to detect offenses, perform investigations and root cause analyses, and implement corrective action initiatives, where appropriate.
The successful candidate will have an expert level of knowledge and experience with HIPAA, with CMS/OCR audits and investigations, and will be experienced in operationalizing compliance and risk management programs enterprise-wide.
- Update the compliance program and work plan, based on new laws and new risks to the enterprise
- Plan and execute regular compliance reviews, including privacy assessments, in accordance with accepted standards, reporting findings and making recommendations for mitigation and prevention of identified risks
- Manage enterprise-wide mandatory compliance & ethics training program
- Manage documentation and updates to compliance policies, procedures, and corrective action plans
- Track laws, regulations, and standards that affect the organization’s compliance policies, and facilitate required operational changes
- Educate the business on new and pending changes to laws, regulations, and standards that impact business operations
- Collaborate with the business to evaluate products and services to ensure compliance with HIPAA, HITECH/ACA, CAQH/CORE, EHNAC, fraud, waste & abuse, HITRUST and other relevant state and federal laws and regulations
- Support enterprise-wide audits, accreditations, certifications and assessments by third parties, including but not limited to vendors and health plans with audit rights, company financial auditors, SSAE-16, HIPAA, HITECH/ACA, CAQH/CORE, EHNAC, HITRUST, PCI, and fraud, waste & abuse audits
- Manage conduct of compliance and privacy investigations, and root cause analyses
- Foster a strong enterprise culture of compliance
- Active participation in industry workgroups such as WEDI, CAQH/CORE, and EHNAC
- Perform additional projects as assigned by the Chief Compliance Officer and Director, Regulatory Compliance & Risk
- Interact with all levels of the business, including senior executive management
- Requires approximately 30% travel.
- The above cited duties and responsibilities describe the general nature and level of work performed by people assigned to the job. They are not intended to be an exhaustive list of all the duties and responsibilities that an incumbent may be expected or asked to perform.
EDUCATION AND EXPERIENCE
- 8+ years in Healthcare Compliance, Privacy, and Security, with a minimum of 2 years supervisory or management experience
- Extensive knowledge of state and HIPAA standards for privacy & security, administration simplification, transactions and code sets (CORE), OCR investigations and breach notification rules
- Bachelor’s degree in Business Administration and/or applicable field
- Clinical training and experience is a plus
- One or more of the following certifications.
- Certification in Healthcare Compliance (CHC)
- Certified Healthcare Privacy Compliance (CHPC)
- Certified Compliance & Ethics Professional (CCEP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Privacy Professional (CIPP)
- Certified Information Privacy Manager (CIPM)
- Certified Healthcare Information Security and Privacy Practitioner (HCISPP)
SKILLS AND KNOWLEDGE
- Deep and comprehensive level of subject matter expertise with HIPAA privacy & security, HITECH/ACA, and CAQH CORE rules, federal and state breach notifications, and other laws and regulations that control data privacy and security
- Must possess experience managing an effective compliance program to include:
- Auditing and monitoring
- Creating and administering effective training
- Conducting compliance breach investigations
- Developing policies and procedures
- Managing risk assessments
- Working knowledge of healthcare fraud and abuse
- Strong understanding of business processes, internal control, compliance programs and audit processes
- Ability to maintain confidentiality of highly sensitive information
- Must be intelligent and articulate with supervisory experience, and skilled at communicating compliance related concepts to a broad range of technical and non-technical staff
- Ability to adapt to constantly changing priorities in managing a wide variety of projects
- Ability to demonstrate initiative, accountability and leadership, as well as strategic and analytical thinking and problem solving skills
- Ability to influence without authority
- Working knowledge of IT audit/security evaluation techniques and tools, e.g. HITRUST
- Knowledge of information technology and business process evaluation and improvement techniques.
- An individual with high personal and professional integrity.
- A tactful and skilled diplomat who can manage conflict and lead consensus and yet at times say “no”.
- Highly articulate with the ability to communicate effectively and credibly in both oral & written context.
- A pragmatic and disciplined professional with highly honed problem-solving skills and the ability to balance multiple projects
- Ability to support Company policies and procedures during third party audits.
Resumes can be emailed to Lee.Shipman@ProvidenceTechnologySolutions.com.