Hybrid Compliance & Privacy Officer bei Cherry Health

OVERVIEW OF POSITION: 

This role is responsible for the creation, planning, design, implementation, auditing, and administration of the organizations' accreditation and compliance programs. The Compliance & Privacy Officer partners with other departments to advise and establish the priorities and solutions needed to meet operational needs in connection with regulatory requirements. This role also develops and implements practices that ensure compliance with employment regulations, including documentation, employee health requirements, and other related compliance regulations. Partners closely with the HR, Privileging and Credentialing, Quality, Risk Management, Finance and Grants Management teams, including audit preparation. 

Must adhere to and promote adherence to the organizational Policies, Procedures, and Code of Ethics. Must represent the organization’s Mission in all actions and communications. 

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• All processes related to maintaining compliance with federal, state and local accreditations and grant awards, including but not limited to, HRSA, AAAHC, & CARF accreditations, convening staff for survey preparation and ongoing compliance with standards in partnership with multiple departments. 
• Ensure Regulatory Compliance: Monitor and ensure the health center complies with all applicable federal, state, and local laws, including HRSA Health Center Program requirements and Section 330 of the Public Health Service Act. 
• Develop and Maintain Policies: Create, implement, and regularly update compliance policies and procedures, including the Code of Conduct and risk management protocols. 
• Conduct Training and Education: Provide ongoing compliance training for staff, board members, and contractors to ensure awareness of legal and ethical responsibilities. 
• Monitor and Audit: Perform internal audits and risk assessments to identify potential compliance issues and ensure corrective actions are taken. 
• Investigate and Report: Lead investigations into compliance concerns or violations, maintain documentation, and report findings to leadership and regulatory bodies as required. 
• Liaise with Leadership and Board: Serve as the primary compliance advisor to the CEO and Board of Directors, including presenting regular compliance updates and risk assessments. 
• Oversee HIPAA and Privacy Compliance: Ensure adherence to HIPAA regulations and oversee the protection of patient health information. 
• Promote a Culture of Compliance: Foster an organizational culture that encourages ethical conduct, transparency, and accountability. 
• Partner with department leaders in all program audits.  
• Participate with all audits initiated by payers or grant funders. 
• Ensure appropriate storage of all audit and investigative documentation and reports within the compliance drive. 
• Function as the organization subject matter expert on FTCA and HRSA compliance and ensure Chief and Director level staff know their roles and responsibilities. 
• Serve as organization’s Privacy Officer, responsible for fielding and answering questions and occurrences related to privacy laws, engaging external counsel as needed. 
• Conduct PREA internal post event processes and maintain documents providing system review and retaliation monitoring with training provided from FBOP. 
• Ensure P&C storage and review processes are followed, including timelines for annual plan reviews by the Board and appropriate Chief approvals are forwarded. 
• Ensure contract and agreement execution, storage and review processes are followed. 
• Review, edit Compliance Plan annually and submit to the board for review. 
• Report summary of compliance activities to CQI Oversight Committee quarterly. 
• In coordination with external legal, maintain patient facing forms (consents and releases) compliant with applicable laws and regulation. 
• Serve as organization’s claims manager.  
• Receive and respond to inquiries from OIG, health plans and other overseeing entities regarding investigations and audits. 
• Coordinate inquiries and investigations regarding any reports of fraud, waste and abuse within the organization. 
• Meet at least monthly with the CEO to review activities within the job description. 
• Ensure prompt notification to CEO of high/moderate areas of risk or potential risk; (notification to board president if conflict to notifying CEO). 
• Perform other duties as assigned.

• SKILLS / KNOWLEDGE / ABILITIES: 

  • Knowledge of management principles and administrative techniques. 
  • Knowledge of governmental regulations and/or analyzing the content of contracts, accreditation standards, laws, regulations, or similar technical material. 

  • Ability to work collaboratively across departments and with external regulatory agencies. 

  • Ability to present regulatory information a clear and understandable manner to both technical and non-technical users. 

  • Ability to prioritize tasks and manage time in an effective and efficient manner. 

  • Ability to work independently and efficiently in a hybrid work environment. 

  • Ability to use judgment to make decisions. 

  • Excellent communication skills, both verbal and written. 

  • Excellent problem-solving techniques. 

  • Ability to have a broad perspective as well as understand details. 

  • Ability to manage stress and an ever-changing environment. 

  • Ability to work effectively in a multicultural environment and skills and capabilities of bridging language/cultural barriers within diverse communities. 

   

  COMPETENCIES: 

  • Customer Service 

  • Collaboration 

  • Integrity 

  • Innovation 

  • Professionalism 

   

  EDUCATION / LICENSES / CERTIFICATES: 

  High school diploma or GED required. Bachelor's Degree in healthcare, administration, or related field required. Master’s degree preferred.  
   

   

  EXPERIENCE: 

  • Minimum of 5 years of experience managing compliance related matters.  

  • Deep understanding of contract interpretation and application.