Compliance and Privacy Manager - Counsel

The Compliance and Privacy Manager oversees, in pertinent part, the following compliance risk areas:  (i) general compliance and compliance program effectiveness; (ii) fraud, waste and abuse and Deficit Reduction Act of 2005 workforce member and contractor compliance;  (iii) patient and employee confidentiality, organizational privacy, information governance, and data risk classification; (iv) accountable care organization compliance; (v) Medicare C & D/Medicare Advantage compliance program requirements; (vi) Federal healthcare program compliance; and (vii) other assigned risk areas identified through organizational experience, risk identification activities, or regulatory mandates.


 

• The Manager will support the Director of Corporate Compliance to ensure implementation of appropriate policies and procedures, support compliance training, conduct investigations.
• Perform compliance program effectiveness reviews based on the seven (7) elements of an effective compliance program as set forth in: (i) relevant U.S. Department of Health and Human Services compliance program guidance; (ii) U.S. Sentencing Commission Guidelines Manual; (iii) U.S. Department of Justice, Criminal Division, compliance program guidance; (iv) CMS Conditions of Participation; (v)  Medicare Shared Savings Program Accountable Care Organization Compliance guidance and regulatory requirements; and (vi) Medicare C & D/Medicare Advantage compliance program requirements.
• Maintain a system of reporting and ensure the integrity of all compliance investigations, direct and coordinate internal audits, and monitor HIPAA/Patient Privacy compliance.
• The Manager ensures that the Compliance Program effectively promotes prevention, detection, and resolution of instances of improper conduct to ensure conformity to state or federal laws, regulatory requirements, hospital policies, patient privacy, IT Security or the standards of conduct.
• The Manager will be responsible for following up on reported incidents of non-compliance, conduct and or coordinate internal investigations and prepare reports on the incidents and investigation findings.
• The Manager will be responsible for assessing compliance of the organization's policies and assist in updating or developing new policies.
• The Manager will assist in evaluating areas of potential billing, Stark, Anti-kickback compliance or patient privacy risk and collaborate with other managers within the organization to work with management to implement solutions to eliminate potential risks.
• Manage and investigate compliance questions, complaints, and reported incidents in collaboration with management, legal and human resources, as needed.
• Responsible for Compliance Program data analytics to develop reports for monitoring and auditing, case management and federal reporting.
• Responsible for developing organizational wide compliance communication plan, communications, and training programs.           
• Coordinate HIPAA Security compliance activities with the AH HIPAA Security Officer/Information Security Officer.
• Investigate HIPAA-related complaints and draft corresponding reports.
• Draft responses to HIPAA-related regulatory inquiries.
• Review business associate agreements, data use agreements, and limited data set agreements and ensure said agreements are acceptable as to compliance form and meet standard form internal requirements.
• Conduct risk assessments and audits pertaining to assigned compliance risk areas.
• Conduct compliance and privacy training and education.
• Prepare PowerPoints and present educational or compliance-related topics to AH constituents.
• Draft compliance and HIPAA-related policies and procedures, as well as policies and procedures related to other assigned risk areas.
• Assist in conflict-of-interest reviews, evaluations, and determinations.
• Assist in conflict-of-interest endorsement requests reviews.

Qualifications:

• Education:  A Juris Doctor degree from an ABA accredited law school and admission to the bar to practice law in one of the 50 States (or Washington, D.C.) of the U.S.  is required.  The holding of a Master’s Degree in public health, healthcare, accounting, allied health, clinical-related studies, compliance, audit, computer science, finance, education, law, privacy, information security, information governance, or another field related to the responsibilities of the position at hand, is a plus.

• Certifications: Candidates who hold the “CCEP” or “CHC” designation from the Compliance Certification Board are strongly preferred.  Any successful candidate who does not hold the “CHC” designation at the time of appointment will be required to obtain the same within 12 months of appointment.    A successful candidate must obtain either the “CISA”, “CRISC”, or “AAIA” designation from ISACA within eighteen (18) months of employment.

Experience:

• Five years minimum of health care compliance experience, health care administration, legal, fraud, waste, and abuse; internal audit, organizational compliance, regulatory affairs or a filed related to the responsibilities of the position at hand, is preferred.

• Experience in conducting compliance investigations, legal internal investigations, or similar investigations is required;

• Managerial experience in a healthcare organization or related setting is preferred.

Technical:

• Proficiency in Microsoft Word, Excel, PowerPoint.

Other Required Skills  

• Demonstrated current knowledge of business ethics, legal and compliance risks.

• Advanced and highly developed communication and influencing skills.

• Excellent writing skills.


#LI-AW1