Sr. Mgr, Compliance, Privacy & Ethics
Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.
The Compliance, Privacy & Ethics Program Manager will assist the Chief Compliance Officer as the company subject matter expert on HIPAA/HITECH, all other relevant state and federal data privacy & security laws and regulations, the Code of Conduct, and on regulations applicable to Availity's business operations. The Manager is responsible to ensure enterprise-wide regulatory compliance, oversees the Company mandatory Compliance & Ethics Training Program, and assists the Compliance Officer to present to the Availity Board's Audit & Compliance Committee, as needed. The Compliance Manager will detect offenses, manage mitigation of any damage, perform investigations, conduct root cause analyses, and implement corrective action plans, including internal controls, where appropriate. The Manager is also responsible for support and collaboration with the company's separate IT Audit function to establish controls and mechanisms to monitor and audit key compliance indicators.
The successful candidate will have an expert level of knowledge and experience with HIPAA, with CMS/OCR audits and investigations, and will be experienced in operationalizing compliance and risk management programs enterprise-wide.
- Manage documentation and updates to compliance policies, procedures, and corrective action plans,
- Plan and execute regular compliance reviews, including privacy assessments, in accordance with accepted standards, reporting findings and making recommendations for mitigation and prevention of identified risks
- Manage enterprise-wide mandatory Compliance & Ethics Training Program
- Track laws, regulations, and standards that affect the organization's compliance policies, and facilitate required operational changes
- Educate the business on new and pending changes to laws, regulations, and standards that impact business operations
- Collaborate with the business to evaluate products and services to ensure compliance with HIPAA, HITECH/ACA, CAQH/CORE, fraud, waste & abuse, and other relevant state and federal laws and regulations
- Support enterprise-wide audits, accreditations, certifications and assessments by third parties, including but not limited to vendors and health plans with audit rights, company financial auditors, SSAE-16, HIPAA, HITECH/ACA, CAQH/CORE, EHNAC, HITRUST, PCI, and fraud, waste & abuse audits
- Manage conduct of compliance and privacy investigations, and conduct root cause analyses
- Foster a strong enterprise culture of compliance
- Active participation in industry workgroups such as WEDI, CAQH/CORE, and EHNAC
- Perform additional projects as assigned by the Chief Compliance Officer
- Interact with all levels of the business, including senior executive management
- Requires approximately 10% travel.
The above cited duties and responsibilities describe the general nature and level of work performed by people assigned to the job. They are not intended to be an exhaustive list of all the duties and responsibilities that an incumbent may be expected or asked to perform.
EDUCATION AND EXPERIENCE
- 5+ years in Healthcare Compliance, Privacy, and Security, with a minimum of 2 years supervisory or management experience preferred
- Extensive knowledge of state and HIPAA standards for privacy & security, administration simplification, transactions and code sets (CORE), OCR investigations and breach notification rules
- Bachelor's degree is required
- Healthcare clinical training and experience is a plus
- One or more of the following certifications is highly desirable:
- Certification in Healthcare Compliance (CHC)
- Certified Compliance & Ethics Professional (CCEP)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Privacy Professional (CIPP)
- Certified Information Privacy Manager (CIPM)
- Certified Healthcare Information Security and Privacy Practitioner (HCISPP)
SKILLS AND KNOWLEDGE
- Deep and comprehensive level of subject matter expertise with HIPAA privacy & security, HITECH/ACA, and CAQH CORE rules, federal and state breach notifications, and other laws and regulations that control data privacy and security
- Must possess experience managing an effective compliance program to include:
- Developing policies and procedures
- Creating and administering effective training
- Conducting compliance breach investigations
- Managing risk assessments
- Auditing and monitoring Program compliance
- Working knowledge of healthcare fraud and abuse
- Must thrive in a high growth technology environment with minimal direction
- Strong understanding of business processes, internal control, compliance programs and audit processes
- Ability to maintain confidentiality of highly sensitive information
- Must be intelligent and articulate with supervisory experience, and skilled at communicating compliance related concepts to a broad range of technical and non-technical staff
- Ability to adapt to constantly changing priorities in managing a wide variety of projects
- Ability to demonstrate initiative, accountability and leadership, as well as strategic and analytical thinking
- Ability to influence without authority
- Knowledge of information technology and business process evaluation and improvement techniques.
- An individual with high personal and professional integrity.
- A tactful and skilled diplomat who can manage conflict and lead consensus, and appropriately get to "yes."
- Highly articulate with the ability to communicate effectively and credibly in both oral & written context.
- A pragmatic and disciplined professional with highly honed problem-solving skills and the ability to balance multiple projects
- Ability to support Company policies and procedures during third party audits.
Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances.
NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify.
Meet Some of Availity's Employees
Sarah ensures clear cross-team communication in order to achieve across-the-board product creation consistency through proper architecture and design principles and procedures.
Back to top