Director Of Compliance/HIPAA Privacy Officer

About The Position

Requirements

• Bachelor’s Degree in Human Services, Business, Public Administration, or a related field with an advanced degree in Business or Public Administration preferred.
• Five years’ experience working with state regulated programs preferred.
• Understanding of government requirements/guidance for healthcare compliance programs.
• Experience with regulatory issues, familiarity with New York Federal Fraud and Abuse Laws, familiarity with regulations related to OPWDD, OMH, DOH, SED, and OCFS.
• Familiarity with the Office of Medicaid Inspector General requirements.
• Authorized to work in the United States and pass all background clearances.
• Ethical Conduct
• Time Management
• Work independently
• Operate various cleaning machines
• Communication with Management
• Must maintain valid driver’s license, insurance and vehicle inspection.
• Ability to utilize personal vehicle or agency vehicle per agency policies.

Nice To Haves

• advanced degree in Business or Public Administration preferred.
• Five years’ experience working with state regulated programs preferred.

Responsibilities

• Serve as the Agency’s Corporate Compliance Officer, HIPAA Privacy Officer, and Medicaid Compliance Officer.
• Oversee the design, implementation, and daily operation of the Corporate Compliance Program, including policies, procedures, and internal controls to prevent illegal, unethical, or improper conduct.
• Maintain expert knowledge of applicable federal and state laws, regulations, and guidance affecting agency operations and compliance obligations.
• Conduct and oversee risk assessments, develop and maintain the annual compliance work plan, and evaluate program effectiveness.
• Oversee internal and external compliance audits, establish audit standards, controls, and performance measures, and ensure corrective actions are implemented as needed.
• Monitor compliance trends and emerging risks and recommend mitigation strategies.
• Develop, implement, and oversee HIPAA Privacy and Security policies and procedures to ensure proper use, disclosure, and safeguarding of protected health information (PHI).
• Maintain oversight of privacy requests, authorizations, disclosures, and distribution of the Notice of Privacy Practices.
• Conduct or oversee compliance and privacy investigations, including those initiated by the CEO, Board of Directors, or Corporate Compliance Committee.
• Prepare written investigation reports with findings, recommendations, and corrective action plans.
• Ensure timely and appropriate reporting of violations or potential violations to regulatory or enforcement agencies when required.
• Administer the Compliance Helpline and whistleblower process, ensuring confidentiality, anonymity, and protection from retaliation.
• Coordinate with legal, quality assurance, and leadership to address matters involving potentially illegal, unethical, or improper conduct.
• Ensure consistent disciplinary actions for violations of compliance policies and standards.
• Maintain a standardized compliance and ethics training program, including new hire orientation and ongoing training.
• Ensure employees acknowledge and understand the Standards of Conduct and related compliance policies.
• Attend Board meetings regularly and report to the Board of Directors and Corporate Compliance Committee on compliance activities, risks, trends, audits, and investigations.
• Prepare and present detailed compliance reports to the CEO, Corporate Compliance Committee, and Board.
• Partner with Human Resources to ensure exclusion and debarment checks are completed and that the Agency does not employ or contract with ineligible individuals or entities.
• Consult with The Arc New York Corporate Compliance staff and/or legal counsel to address complex or high-risk compliance matters.