Oversees and manages the Compliance Department and its personnel and acts as advisor to GHX management and Board of Directors. Responsible for designing, implementing and monitoring the processes by which GHX, its employees and third-party contractors comply with applicable US and international laws and regulations, including laws and regulations related to protected health information, personally identifiable information and other similarly sensitive information, and adhere to GHX policies and procedures.Principal duties and responsibilities:Compliance

• Oversees and monitors the development, implementation and performance of the Compliance Program and its related activities to help prevent illegal, unethical, or improper conduct.
• Develop, review and update GHX's Code of Conduct for continuing currency and relevance in providing guidance to GHX employees and third-parties.
• Institutes and maintains an effective compliance training and communication program for the organization, including (a) promoting use of the compliance hotline; (b) heightened awareness of Code of Conduct, and (c) understanding of new and existing compliance issues and related policies and procedures.
• Acts as an independent reviewer and evaluator to manage and monitor the evaluation, investigation, and resolution of compliance issues/concerns within the organization. Responds to and evaluates alleged violations of rules, regulations, policies, procedures, and the Code of Conduct and coordinates with internal and external resources when appropriate. Assists in the development of and monitors systems for uniform handling of reports of such alleged violations.
• Identifies potential areas of compliance vulnerability and risk; assists in the development/implementation of corrective action plans for resolution of problematic issues, and provides general guidance on how to help avoid or handle similar situations in the future.
• Provides reports on a regular basis, and as requested, to keep management informed of the operation and progress of compliance efforts.

Chief Privacy Official

• Develops, implements and maintains GHX privacy policies for the management of protected health information, personally identifiable information and other similarly sensitive information and coordinates with GHX management in implementing processes and procedures to support such policies.
• Develops and delivers annual and periodic privacy training to employees and appropriate third parties. Initiates, facilitates and promotes activities to foster information privacy awareness within GHX.
• Assists GHX management in performing periodic information privacy risk assessments.
• Establishes and administers a process for receiving, investigating, and resolving complaints concerning GHX's privacy policies and procedures.
• Maintains current knowledge of applicable international, federal and state privacy laws, and monitors advancements in information privacy technologies and processes to improve compliance.

Required Skills:

• Strong knowledge of compliance program development and management; extensive knowledge of US and international privacy laws (HIPAA, CCPA, GDPR, etc.)
• Strong analytical skills and ability to analyze and synthesize information from multiple sources in a cogent manner.
• Maturity of judgment and decision making related to compliance.
• Proven cross-functional management and leadership skills; ability to partner and communicate effectively across all levels of the organization and develop positive working relationships.
• Advanced PC/systems skills including proficiency with Microsoft Word, Excel and PowerPoint.
• Able to manage and execute multiple complex projects within required timelines and expectations required.
• Working knowledge of information technology, particularly how systems and applications integrate with business processes and operations.

Required Qualifications:

• Bachelor's degree in a related field, Master's desired, or combination of education and related work experience.
• 8+ years' compliance experience.
• Minimum 5 years' managerial/supervisory experience.
• Hands-on experience in developing and managing compliance programs.
• Experience with reporting into a Board of Directors.
• Experience with US and international data privacy regulations.

Preferred Qualifications:

• Certified Information Privacy Professional (CIPP) certification

Estimated Salary range for this position: $161,700 - $189,000The base salary range represents the anticipated low and high end of the GHX's salary range for this position. Actual salaries will vary and will be based on various factors, such as candidate's qualifications, skills, competencies, and proficiency for the role. The base salary is one component of GHX's total compensation package for employees. Other rewards and benefits include: health, vision, and dental insurance, accident and life insurance, 401k matching, paid-time off, and education reimbursement, to name a few. To view more details of our benefits, visit us here: https://www.ghx.com/about/careers/GHX: It's the way you do business in healthcareGlobal Healthcare Exchange (GHX) enables better patient care and billions in savings for the healthcare community by maximizing automation, efficiency and accuracy of business processes.GHX is a healthcare business and data automation company, empowering healthcare organizations to enable better patient care and maximize industry savings using our world class cloud-based supply chain technology exchange platform, solutions, analytics and services. We bring together healthcare providers and manufacturers and distributors in North America and Europe - who rely on smart, secure healthcare-focused technology and comprehensive data to automate their business processes and make more informed decisions.It is our passion and vision for a more operationally efficient healthcare supply chain, helping organizations reduce - not shift - the cost of doing business, paving the way to delivering patient care more effectively. Together we take more than a billion dollars out of the cost of delivering healthcare every year. GHX is privately owned, operates in the United States, Canada and Europe, and employs more than 800 people worldwide. Our corporate headquarters is in Louisville, Colorado, just outside of Denver, with additional offices in Europe, Chicago, Illinois, and Omaha, Nebraska.DisclaimerGlobal Healthcare Exchange, LLC and its North American subsidiaries (collectively, "GHX") provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. All qualified applicants will receive consideration for employment without regard to any status protected by applicable law. This EEO policy applies to all terms, conditions, and privileges of employment, including hiring, training and development, promotion, transfer, compensation, benefits, educational assistance, termination, layoffs, social and recreational programs, and retirement.GHX believes that employees should be provided with a working environment which enables each employee to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, national origin, sex, sexual orientation, gender identity, religion, age, genetic information, disability, veteran status or any other status protected by applicable law. GHX expects and requires the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere. Improper interference with the ability of GHX's employees to perform their expected job duties is absolutely not tolerated.