POSITION PURPOSE: Two to three sentences describing the overall purpose of the position.
The Compliance and Privacy Officer oversees the Vail Valley Surgery Centerâ??s Compliance Program, functioning as an independent and objective body that reviews and evaluates compliance issues/concerns within the organization. The position ensures the Board of Directors, management and employees are in compliance with the rules and regulations of regulatory agencies, that company policies and procedures are being followed, and that behavior in the organization meets the companyâ??s Standards of Conduct. In addition, is responsible for developing and implementing a comprehensive privacy and procedure development and enforcement, training, and education and response to privacy issues and complaints.
ESSENTIAL JOB FUNCTIONS: Maximum of ten functions in order of percentage of time spent on functions from longest to shortest; do not list anything that does not represent at least 10% of the jobâ??s time. Please include supervisory responsibilities.
1. The Compliance and Privacy Officer acts as staff to the Administrator and Governing Councilsâ?? Compliance Committee by monitoring and reporting results of the compliance/ethics efforts of the company and in providing guidance for the Council and senior management team on matters relating to compliance. The Compliance and Privacy Officer, together with the Corporate Compliance Committee, is authorized to implement all necessary actions to ensure achievement of the objectives of an effective compliance program.
2. Develops, initiates, maintains, and revises policies and procedures for the general operation of the Compliance Program and its related activities to prevent illegal, unethical, or improper conduct. Manages day-to-day operation of the Program.
3. Develop, implement, maintain and enforce privacy-related policies and procedures and oversee information security-related policies and procedures.
4. Develops and periodically reviews and updates Standards of Conduct to ensure continuing currency and relevance in providing guidance to management and employees.
5. Collaborates with other departments (e.g., Risk Management, Internal Audit, Employee Services, etc.) to direct compliance issues to appropriate existing channels for investigation and resolution. Consults with the Corporate attorney as needed to resolve difficult legal compliance issues.
6. Responds to alleged violations of rules, regulations, policies, procedures, and Standards of Conduct by evaluating or recommending the initiation of investigative procedures. Develops and oversees a system for uniform handling of such violations.
8. Acts as an independent review and evaluation body to ensure that compliance Issues/concerns within the organization are being appropriately evaluated, investigated and resolved.
9. Monitors, and as necessary, coordinates compliance activities of other departments to remain abreast of the status of all compliance activities and to identify trends.
10. Identifies potential areas of compliance vulnerability and risk; develops/implements corrective action plans for resolution of problematic issues, and provides general guidance on how to avoid or deal with similar situations in the future.
11. Provides reports on a regular basis, and as directed or requested, to keep the Corporate Compliance Committee of the Board and senior management informed of the operation and progress of compliance efforts.
12. Ensures proper reporting of violations or potential violations to duly authorized enforcement agencies as appropriate and/or required.
13. Establishes and provides direction and management of the compliance Hotline.
14. Institutes and maintains an effective compliance communication program for the organization, including promoting (a) use of the Compliance Hotline; (b) heightened awareness of Standards of Conduct, and (c) understanding of new and existing compliance issues and related policies and procedures.
15. Works with the Human Resources Department and others as appropriate to develop an effective compliance training program, including appropriate introductory training for new employees as well as ongoing training for all employees and managers.
16. Monitors the performance of the Compliance Program and relates activities on a continuing basis, taking appropriate steps to improve its effectiveness.
17. Receive, investigate, document and track privacy-related complaints from workforce members, patients and/or family members, the compliance hotline or other sources; analyze contributing factors and trends and facilitate process improvements.
18. Stay current with relevant federal and state privacy laws and regulations and modify the privacy program accordingly to remain compliant, as well as consistent with industry best practices.
19.Assist human resources and leadership in investigating employee misconduct related to privacy. Advise regarding disciplinary action to ensure it is consistent and appropriate for the level of violation.
20. Role models the principles of a Just Culture
21. Perform other duties as assigned. Must be HIPAA compliant.
This description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job.
A minimum of 10 years experience in a healthcare organization, to include demonstrated leadership. Familiarity with operational, financial, quality assurance, and human resource procedures and regulations is a must.
Knowledge, skills and abilities required to perform this job are typically acquired through a minimum of five years of progressively responsible experience in health care privacy compliance or health information management in a regulatory or compliance setting.
Presentation and writing skills to deliver and organize media for delivery of reports and education to physicians, leadership, and staff.