Director of Privacy

Job DescriptionJob DescriptionPOSITION SUMMARY:

MyCare Medical Group is a healthcare organization committed to delivering the highest quality, most cost-effective care to its patients.  We are currently seeking a knowledgeable and experienced Director of Privacy & Risk Management, who will provide leadership in the development, implementation, and maintenance of MyCare’s Compliance Program and associated work plans.  This individual must have extensive experience working with federal and state regulations (including HIPAA and OSHA), auditing and executing security and safety policies and procedures, and ensuring a patients’ rights and protection of their protected health information (PHI).  Successful candidates will have an adaptable and positive attitude, fantastic interpersonal skills, and a drive to create a positive impact across a building enterprise.

RESPONSIBILITIES :
 

• Privacy:
  • Serve as a subject matter expert and trusted resource on federal and state privacy laws, particularly HIPAA, and continually monitor regulatory and legislative activity within this space.
  • Build, implement and maintain a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of PHI of all forms across all media types. Further ensure all internal privacy forms, policies, standards, and procedures are current in line with industry standards and regulatory requirements.
  • Collaborate internally with the Company’s Security Officer and Compliance Officer to foster a culture of privacy awareness through ensuring alignment between the Company’s security, privacy and compliance programs, including development of, and measuring adherence to, internal policies and practices.
  • Establish an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information and further monitor patterns of the same.
  • Perform continual information privacy risk assessments, mitigation and remediation.
  • Establish, oversee and administer annual privacy training within the Company, including refreshing such training as necessary.
  • Manage all required privacy breach determination and notification processes under HIPAA and/or applicable State regulations and requirements, including performing risk assessments for actual privacy breaches.
  • Collaborate with the Company’s Medical Records department to oversee patient rights to inspect, amend, and restrict access to protected health information when appropriate.
  • Partner with the Company’s Security Officer to develop and implement ongoing monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
  • Partner with the Company’s Security Officer and Compliance Officer to further develop and administer a process for investigating and acting on privacy and security complaints.
  • Cooperates with the U.S. Department of Health and Human Service's Office for Civil Rights, State regulators and/or other regulatory bodies in any compliance reviews or investigations.
  • Collaborate with executive leadership, internal counsel, and other impacted parties to represent the Company's privacy interests with external parties, including federal, state or local government bodies, who undertake to adopt or amend privacy legislation, regulations, or standards.

 

• Risk Management & Corporate Compliance:
  • Plan, coordinate, and conduct internal audits to ensure compliance with regulatory standards and internal policies, and collaborate with cross-functional teams to conduct risk assessments and implement risk mitigation measures.

• Continue the development and execution of a comprehensive corporate risk management and compliance program, identifying potential areas of risk within the organization.
• Develop strategies to mitigate risks related to clinical operations, medical coding, and compliance with healthcare regulations.
• Interpret and communicate changes in regulations to relevant stakeholders.
• Develop and maintain relationships with regulatory agencies and stay informed about updates in healthcare compliance.
• Draft, implement, and maintain Standard Operating Procedures (SOPs) and training.
• Stay abreast of state and federal regulation requirements to support organizational training.
• Facilitate larger enterprise training programs across multiple clinics; implement and teach strategies to management to successfully prevent risk.
• Lead compliance-related projects and initiatives, participating collaboratively in staff meetings, committees, on projects and teams to resolve issues and to meet compliance program goals.

QUALIFICATIONS:

• Bachelor's degree in healthcare administration, business, or a related field required, with juris doctorate preferred.
• Certification in Healthcare Privacy and Security or Healthcare Compliance highly preferred.
• Strong understanding of Medicare Advantage, Medicaid Managed Care, and Medicare/Medicaid Fee for Service (FFS) programs.
• Strong background within medical coding highly preferred.
• Minimum of 10 years’ experience implementing and managing corporate compliance programs
• Experience working at early-stage portfolio companies sponsored by a private equity firm highly preferred.
• Ability to organize priority of work throughout the day and be flexible in a results-driven, fast-paced, growth oriented, emerging company.
• Ability to self-direct and work autonomously and independently while consistently showing self-initiative.
• Strong relationship management and interpersonal skills, including optimism, diplomacy, responsiveness, and authenticity. 
• Excellent computer skills, specifically with Microsoft Office (Office 365) applications (Outlook, Excel, Word).
• Experience with KnowBe4 highly preferred; ability to work with privacy incident and employee training programs.
• Extensive knowledge of federal and state privacy and compliance regulations, including HIPAA; Strong knowledge of federal and state laws and regulations.
• Demonstrated experience conducting compliance investigations.
• Excellent written and verbal communication skills.
• Detail-oriented with strong analytical and problem-solving skills.
• Strong technical expertise in interpreting applicable regulations and implementing guidance based on such interpretations in a corporate environment.
• Travel required; ability to travel at least 25% of the time to conduct site visits and audits.

BENEFITS

• Comprehensive benefits package, including Health, Vision, Dental, and Life insurances
  • FSA and Life Assistance Program (EAP)
  • 401(k) Retirement Plan
  • Health Advocacy, Travel Assistance, and My Secure Advantage
• PTO Accrual and Holidays

#ZIP
#INDNP
#LI-SW1

Powered by JazzHR

v0OTnkwwIW

---