Director, Compliance and Chief Privacy Official at GHX
| Greater Boulder Area | Remote
Sorry, this job was removed at 2:52 p.m. (MST) on Wednesday, May 11, 2022
Oversees and manages the Compliance Department and its personnel and acts as advisor to GHX management and Board of Directors. Responsible for designing, implementing and monitoring the processes by which GHX, its employees and third-party contractors comply with applicable US and international laws and regulations, including laws and regulations related to protected health information, personally identifiable information and other similarly sensitive information, and adhere to GHX policies and procedures.Principal duties and responsibilities:Compliance
- Oversees and monitors the development, implementation and performance of the Compliance Program and its related activities to help prevent illegal, unethical, or improper conduct.
- Develop, review and update GHX's Code of Conduct for continuing currency and relevance in providing guidance to GHX employees and third-parties.
- Institutes and maintains an effective compliance training and communication program for the organization, including (a) promoting use of the compliance hotline; (b) heightened awareness of Code of Conduct, and (c) understanding of new and existing compliance issues and related policies and procedures.
- Acts as an independent reviewer and evaluator to manage and monitor the evaluation, investigation, and resolution of compliance issues/concerns within the organization. Responds to and evaluates alleged violations of rules, regulations, policies, procedures, and the Code of Conduct and coordinates with internal and external resources when appropriate. Assists in the development of and monitors systems for uniform handling of reports of such alleged violations.
- Identifies potential areas of compliance vulnerability and risk; assists in the development/implementation of corrective action plans for resolution of problematic issues, and provides general guidance on how to help avoid or handle similar situations in the future.
- Provides reports on a regular basis, and as requested, to keep management informed of the operation and progress of compliance efforts.
- Develops, implements and maintains GHX privacy policies for the management of protected health information, personally identifiable information and other similarly sensitive information and coordinates with GHX management in implementing processes and procedures to support such policies.
- Develops and delivers annual and periodic privacy training to employees and appropriate third parties. Initiates, facilitates and promotes activities to foster information privacy awareness within GHX.
- Assists GHX management in performing periodic information privacy risk assessments.
- Establishes and administers a process for receiving, investigating, and resolving complaints concerning GHX's privacy policies and procedures.
- Maintains current knowledge of applicable international, federal and state privacy laws, and monitors advancements in information privacy technologies and processes to improve compliance.
- Strong knowledge of compliance program development and management; extensive knowledge of US and international privacy laws (HIPAA, CCPA, GDPR, etc.)
- Strong analytical skills and ability to analyze and synthesize information from multiple sources in a cogent manner.
- Maturity of judgment and decision making related to compliance.
- Proven cross-functional management and leadership skills; ability to partner and communicate effectively across all levels of the organization and develop positive working relationships.
- Advanced PC/systems skills including proficiency with Microsoft Word, Excel and PowerPoint.
- Able to manage and execute multiple complex projects within required timelines and expectations required.
- Working knowledge of information technology, particularly how systems and applications integrate with business processes and operations.
- Bachelor's degree in a related field, Master's desired, or combination of education and related work experience.
- 8+ years' compliance experience.
- Minimum 5 years' managerial/supervisory experience.
- Hands-on experience in developing and managing compliance programs.
- Experience with reporting into a Board of Directors.
- Experience with US and international data privacy regulations.
- Certified Information Privacy Professional (CIPP) certification
Read Full Job Description