The Chief Compliance and Privacy Officer will provide leadership and strategic direction in implementing, maintaining and evolving the Shirley Ryan AbilityLab ("SRAlab") Corporate Compliance and Privacy Programs, including day-to-day oversight and monitoring, and strategically developing them to achieve consistently high levels of compliance. The Chief Compliance and Privacy Officer will consistently demonstrate support of the SRAlab statement of Vision, Mission and Core Values by striving for excellence, contributing to the team efforts and showing respect and compassion for patients and their families, fellow employees, and all others with whom there is contact at or in the interest of the institute. The Chief Compliance and Privacy Officer will demonstrate SRAlab Core Attributes: Communication, Accountability, Flexibility/Adaptability, Judgment/Problem Solving, Customer Service and SRAlab Values (Hope, Compassion, Discovery, Collaboration, & Commitment to Excellence) while fulfilling job duties.
The Chief Compliance and Privacy Officer will:
Implement, manage and strategically develop, as needed, the Corporate Compliance Program:
Ensure a culture of integrity and transparency, which is embedded throughout the organization.
Identify potential areas of compliance risk, develop and implement corrective action plans and/or policies for resolution of relevant issues, and provide guidance on how to avoid or deal with similar situations in the future.
Supervise the review, revision and formulation of appropriate policies and procedures to meet the objective of the Corporate Compliance Program to guide employees in compliance activities.
Monitor the healthcare regulatory environment for emerging trends and assist stakeholders in assessing any impact to the Institute and commenting to government agencies and other applicable parties.
Monitor all functions related to research compliance, including adherence to pertinent laws, rules and regulations, and advise on research compliance matters for clinical trials management, billing, contracts, grants management and time and effort.
Develop, coordinate and oversee educational and training programs to ensure that new and current employees and applicable agents are knowledgeable of, and comply with, the Corporate Compliance Program, and pertinent laws, rules and regulations.
Develop and maintain a reporting structure to handle employee concerns regarding known or suspected violations and ensure that all reports are appropriately investigated, including tracking and resolution of each complaint.
Measure activities related to the Corporate Compliance Program and report data to the appropriate Committees, management, and governing bodies.
Assist in the administration of the Enterprise Risk Management function, in partnership with Internal Audit, and provide direction for the activities to mitigate, at an acceptable level, the risks that may adversely affect SRAlab's ability to achieve its internal control, financial and compliance goals.
Manage the organizational process for and evaluation, education and reporting of conflict of interests to ensure patient care, business and research are conducted in a legal and ethical manner. Respond where necessary to external agents' requests regarding conflict of interest matters.
Establish and provides direction and management of the compliance hotline.
Oversee the Corporate Compliance Committee.
Interact and partner with the Office of General Counsel for assistance in interpretation of regulatory requirements and/or legal advice on issues, concerns and/or risks.
Interact and partner with the Internal Audit Department on reviewing and/or assessing potential or actual risks, conducting audits and/or other projects.
Report to, and take direction by the Corporate Compliance Committee and the Finance and Audit Committee of the Board of Directors for activities related to the Corporate Compliance Program.
Interact with outside counsel, in conjunction with the Office of General Counsel, and consultant to discuss and assess components of the Corporate Compliance Program.
Serve as the HIPAA Privacy Officer and administer the HIPAA Privacy Office, which includes overseeing the establishment, implementation and adherence to policies on patient privacy, confidentiality and release of patient information.
Ensure all concerns related to HIPAA concerns are investigated and handled in an appropriate manner to ensure compliance with all regulations as well as policies and procedures.
Chair the HIPAA Committee.
Oversee the delivery of privacy training and orientation to all employees, volunteers, medical staff, applicable business associates and others as needed.
Provide leadership in the planning, design, and evaluation of the organization's privacy and security policies and projects.
Serve as a liaison to regulatory and accrediting bodies for matters relating to privacy and security, including, but not limited to, the U.S. Department of Health and Human Services Office of Civil Rights.
Work closely with the HIPAA Security Officer and other key stakeholders to ensure that the organization's privacy protections keep pace with technological advances.
Ensure a process is in place for receiving, documenting, tracking, investigating, and taking action on all patients' complaints concerning SRAlab's privacy policies and patient breaches in compliance with the HITECH Act.
Perform all other duties that may be assigned in the best interest of SRAlab.
Reports directly to the Senior Vice President, Chief Administrative Officer with direct access to President and Chief Executive Officer and Finance and Audit Committee of the Board of Directors.
Knowledge, Skills & Abilities Required
Juris Doctor and/or Master's Degree in a related field of Health Care required.
Certifications in Healthcare Compliance and Privacy preferred.
At least ten years of compliance work experience in a healthcare environment, preferably a hospital or academic medical center.
At least five years of privacy related work experience in a healthcare/provider setting.
Ensuring a culture of integrity and transparency;
Strong leadership skills and understanding of the importance of an effective compliance plan being inculcated throughout all levels of the organization;
Strong critical thinking and influencing skills across all organizational levels with an unbiased approach to situations.
Ability to manage conflict effectively while showing receptivity to the ideas and concerns of others.
Strong research and analytical skills
Excellent oral and written communication skills. Demonstrated positive, respectful, direct and open communications across all organizational levels.
Ability to maintain a high degree of credibility, independence, integrity, confidentiality and trust.
Effective time management, project management, organizational and prioritization skills.
Ability to anticipate the needs of others and deliver with timeliness and accurately, sensing the urgency of the situation.
Strong leadership skills.
Normal office environment with little or no exposure to dust or extreme temperature.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
SRAlab is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.