Senior Director of Compliance and Privacy

About The Position

Requirements

• Bachelor’s degree and a minimum of 10 years’ experience in corporate/organizational compliance required.
• Experience working with regulators, auditors, and law enforcement.
• Ability to work in a rapidly changing environment, proactive attitude, ability to work independently.
• Proven leadership skills, with ability to coach and guide employees of all levels across the organization.
• Self-motivated, high level of dependability, professionalism, detail-oriented, strong organizational skills, superior writing skills, ability to multi-task.
• Working knowledge of legislative review and interpretation.
• Adept at emphasizing a compliance and integrity program that is built on sound decision-making, substantive education, active listening, and a culture of accountability.
• Proficiency in Microsoft Office (Word, Excel, PowerPoint).
• Satisfactory completion of all required background screenings.
• Respect the confidential nature of all CCSI and CCSI customer information you are exposed to in the course of your work performance. Staff working directly with protected health information /electronically stored protected health information, personally identifiable information, and other patient/consumer/customer data, will abide by the specific procedures and policies outlined by CCSI’s Code of Conduct and CCSI’s Privacy and Security Policies, New York State regulations and Federal regulations.

Nice To Haves

• Master’s degree in in a relevant filed such as Healthcare Administration, Public Health, Business Administration, Business Ethics, Compliance, and/or Risk Management is preferred.
• Experience with Federal and State contracting preferred.
• Current Compliance Credentials: Graduate Certificate in Healthcare Compliance and/or CHC, CHPC certifications or comparable is strongly desired.

Responsibilities

• Oversee the structure, needs and general operation of the Compliance Program and its related activities to prevent illegal, unethical, or improper conduct.
• Chair the Corporate Compliance Committee.
• Provides supervision to compliance program personnel and may provide mentorship to other CCSI personnel as needed.
• Partners with leadership to embed compliance and quality expectations into daily operations.
• Utilize data, outcomes, and trends to validate whether compliance controls are effective.
• Maintains, provides direction, and tracks for trends within all compliance reporting systems including the Confidential/Anonymous Hotline.
• Develops and maintains an effective investigative effort of reported compliance issues throughout the organization up to and including recommendation creation and tracking through to resolution.
• Develops an effective compliance training program, including appropriate introductory training for new employees as well as ongoing training for all employees, leadership and the Board of Directors.
• Develops, executes and monitors an internal audit process and an external audit structure.
• Ensures the development of written compliance workplans including a training and audit plan on an annual basis.
• Develops and/or maintains all compliance, privacy, and risk management policies.
• Institutes and maintains an effective compliance communication program for the organization, including promoting (a) use of the Compliance Hotline; (b) heightened awareness of Code of Business Ethics, and (c) understanding of new and existing compliance issues and related policies and procedures.
• Monitors the performance of the Compliance Program and related activities on a continuing basis, taking appropriate steps to improve its effectiveness.
• Monitors, and as necessary, coordinates compliance activities of other departments, including participation in plan of corrections.
• Interacts with state and federal regulators as warranted.
• Ensures proper reporting to regulators and enforcement agencies as appropriate and/or required.
• Represents CCSI during internal and external audits, provides required documents/information.
• Consults with the Corporate attorney as needed to resolve difficult legal compliance issues.
• Develops and periodically reviews and updates the agency Code of Business Ethics to ensure continuing currency and relevance in providing guidance to all workforce members, leaders and the Board of Directors.
• Act as an independent review and evaluation body to ensure that compliance and ethical issues/concerns within the organization are being appropriately identified, evaluated, investigated and resolved.
• Assist in the management of all identified enterprise risk and all associated functions of the risk management process; in partnership with the virtual Chief Information Security Officer (vCISO) acts as a resource and support to Leadership.
• Identify potential areas of compliance vulnerability and risk; develop/implement corrective action plans for resolution of problematic issues and provides general guidance on how to avoid or deal with similar situations in the future.
• Evaluate CCSI’s existing policies and procedures for HIPAA, and other federal and state privacy regulation compliance.
• Develop and modify privacy policies and practices.
• Train new and existing workforce members on privacy policies.
• Investigate and acts on all incidents, complaints, and/or violations of privacy.
• Support the vCISO and the CITO in all security incidents.
• Act as liaison to all oversight entities in the event of a Breach.
• Be responsible for the compliance consulting program including but not limited to customer discovery, contract development, project implementation, and customer satisfaction. Secures compliance-specific work upon request.

Benefits

• Market-competitive compensation
• An award-winning Wellness@Work and employee benefits program.
• An organization that is committed to racial equity and anti-racist practices.
• Continuous professional development opportunities.
• A voice in shaping CCSI’s ever-evolving diverse company culture.