Company :Highmark Health
Job Description :
This job is responsible for planning, designing, implementing, and maintaining the IT Compliance Program and its related policies to ensure the business acts within the parameters of federal and state laws, regulations, and regulatory guidance. The incumbent is also responsible for the administration, interpretation, and enforcement of the IT Compliance Program including auditing/monitoring operational processes, conducting or overseeing compliance investigations, and ensuring that adequate training takes place under the IT Compliance Program. In this capacity, the incumbent is responsible for the collaborative and iterative development of the risk and compliance plan for these entities across all areas in the enterprise risk taxonomy. Through matrixed leadership with Risk Operations and with support from Risk Enablement, the incumbent monitors and tracks the delivery of risk activities, including but not limited to internal and external audit progress, recurring risk and compliance reporting, mandated training, investigations, and the impacts of new and changing laws, regulations, and contractual relationships. The incumbent must have extensive knowledge of the applicable federal and state rules as well as a solid working knowledge of managed care operations, compliance program structures, information security and audit methodologies. The incumbent must also have a foundational understanding of privacy regulations, including in-depth knowledge of HIPAA and possess the ability to perform a privacy risk assessment. The incumbent must have the highest level of integrity and ethics and demonstrate professional representation of the company.
- Matrixed working relationship with Risk Operations and Strategic Risk Partner to define the development, implementation and maintenance of an effective compliance and risk management program for the supported entities. This includes, but is not limited to education and training requirements, reporting and intake protocols, monitoring and implementation of new or changing regulatory requirements, risk assessment and audit execution, risk treatment plans, policy and procedure maintenance, response and investigation procedures and compliance expectations.
- Acts as a thought partner and advisor to business leaders to ensure business decisions are managed according to the enterprise risk strategy / framework. Participates in and understands the business operations and strategy. Serves as a single point of contact for the business’ risks, compliance, privacy and security needs, and partners closely with legal counsel on all efforts.
- Provide proactive guidance, education, and information to senior management, so that leaders remain informed and aware of risks, requirements, mitigation strategies, and management’s responsibilities. Leads and participates in discussions or presentations to existing Compliance or Risk Committees and the Audit & Compliance Committee meetings of the Board. Gathers data and prepares reports for senior management and Board of Directors as needed. Ensure reporting obligations are met. Participates on various risk committees and may represent their entity when appropriate.
- Informs business of risk related activity for that BU, ensures awareness and monitors execution. Tracks, monitors and reports on risk operations for the assigned Business Unit (BU) using the standard metrics and reporting created by risk enablement.
- Through understanding of the business strategy, proactively identifies and addresses risk in partnership with the risk operations and legal functions, and the business leaders. Serves as a single point of contact to respond and intake risk from the senior leadership team, and follows protocol to triage.
- Participate in the development and implementation of the enterprise’s risk strategy for effective risk and compliance program governance; intended to strategically and proactively mitigate risk, and promptly detect and correct instances of non-compliance. This includes but is not limited to formal risk assessment processes and the development and implementation of an annual audit plan.
- Liaise with external regulators or enforcement bodies interacting with the assigned BU per defined communication and legal protocols.
- Ensure completion of all education and training initiatives and requirements and identify priorities for focus for the accountable entities.
- Respond to reports of real or potential instances of non-compliance, including coordination and facilitation of internal investigations including the analysis of facts, recommendations for resolution, risk treatment and corrective action plans. Work with legal counsel to ensure timely notice or disclosure of incidents or issues as appropriate/required. Ensure all reported matters are addressed in a timely and responsible manner in compliance with corporate policy, state and federal law and best practices.
- Maintain a strong working knowledge of the regulatory landscape.
- Other duties as assigned or requested.
- Bachelor's Degree in Business, Finance, Health Administration, Public Health, Public Administration, Legal, Accounting or Related Field
- Master's Degree in Business, Finance, Health Administration, Public Health, Public Administration, Legal, Accounting or Related Field
7 years in compliance, privacy, government affairs, healthcare operations, risk, audit, or legal functions
5 years in a management or leadership role
10 years in compliance, privacy, government affairs, healthcare operations, risk, audit, or legal functions
5 years in Healthcare Compliance or Privacy
LICENSES or CERTIFICATIONS
(Any of the Following)
- Certified Public Accountant (CPA)
- Certified Internal Auditor (CIA)
- Certified Fraud Examiner (CFE)
- Certified in Healthcare Compliance (CHC)
- Certified Compliance and Ethics Professional (CCEP)
- Broad-based business knowledge as well as in-depth knowledge of the insurance industry, strategic compliance planning, regulatory concerns, compliance requirements, and corporate integrity principles.
- Excellent oral, written, and presentation skills, as well as conceptual and analytic skills in order to review and articulate corporate objectives and regulations across all relevant audiences.
- High-level of skill in leading interdepartmental and cross-functional strategy development.
- Experience with managed care, Medicare and federal and/or state regulations, quality improvement and compliance oversight.
- The ability to comprehend and interpret regulatory, legislative, and contractual mandates.
- Experience managing multiple projects and managing professional staff on numerous projects to ensure corporate deadlines and objectives are met.
- The utmost integrity in the discreet and confidential handling of confidential materials is necessary
Language (Other than English):
0% - 25%
PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS
Teaches / trains others regularly
Travel regularly from the office to various work sites or from site-to-site
Works primarily out-of-the office selling products/services (sales employees)
Physical work site required
Lifting: up to 10 pounds
Lifting: 10 to 25 pounds
Lifting: 25 to 50 pounds
Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.
Compliance Requirement : This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy.
Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf )
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org