We believe patients and health systems deserve better than the status quo.
At Patientco, we build easy-to-use payment technology that treats patients like consumers and empowers healthcare providers to dramatically improve the way they communicate. Together, patients are happier, health systems are more efficient and doctors can focus on what they’re supposed to do - take care of their patients!
As the Compliance Director, you will assume responsibilities for enterprise-wide compliance and regulatory activities, including HIPAA Compliance, PCI DSS, Mastercard/Visa/American Express mandates, Payments Compliance, Money Transmitter Regulations, and data security. As a Healthcare Payments company, we are at the crossroads of two highly regulated fields and need someone who can keep up with those requirements. You should have a passion for compliance, a knack for organization, and a penchant for documentation. Does that sound like you? Read on!
As the Compliance Director, you will be in a highly visible role in the company as well as act as the point-person for key partnerships within Management, Product & Engineering, Legal, and Finance. You will be an integral part of the team, keeping us all in ship-shape for security, risk and compliance. This position reports directly to the Chief Operating Officers with a strong dotted line to Vice President, Product and Engineering.
- Bachelor’s degree or higher in a related field. Minimum of 7 years of experience in a Compliance role, specifically with a background in HIPAA.
- Demonstrated knowledge and understanding of relevant legal and regulatory requirements, including Payment Card Industry/Data Security Standard (PCI DSS), Money Transmitter regulations, the Health Insurance Portability and Accountability Act (HIPAA), and IT and Data Security.
- In-depth knowledge and understanding of compliance risk management practices and methodologies, including risk assessment, monitoring/surveillance, and testing activities.
- Ability to translate abstract concepts and regulations into risk-measured decision-making and useful business practice.
- Payments Compliance (PCI DSS, Visa/Mastercard/American Express mandates, etc.) and Risk Management preferred.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Must be able to interact cross-functionally and drive both business and technical discussions.
- Analytical skills with ability to identify issues and solutions.
- Strong project management skills, to include managing and prioritizing multiple concurrent projects, mapping budget and resource curves, and reporting progress and risks.
- Ability to act as a clearinghouse for compliance lessons learned and best practices.
- Experienced and comfortable building new business processes, including managing internal change associated with developing and executing new processes.
- Demonstrated leadership guiding organizations through transitions to operationalize compliance initiatives.
- Professional, action-oriented individual who has demonstrated an ability to take the initiative and get the organization's attention with buy-in from senior leadership.
YOU ARE ACCOUNTABLE FOR:
- Establishing compliance operational strategies by evaluating trends; establishing critical measurements; determining production, productivity, quality, and customer-service strategies; designing systems; accumulating resources; resolving problems; implementing change.
- Creating and managing all internal procedures and documentation to maintain compliance with regulations and contractual obligations.
- Developing compliance organizational strategies by contributing information, analysis, and recommendations to operational thinking and direction.
- Working with key business leaders, including Product & Engineering, Legal, and Finance, to identify compliance requirements and areas of potential vulnerability and risk; document, enhance, and provide recommendations for internal controls regarding HIPAA, PCI DSS, Data Security, and other compliance risks.
- Overseeing the expansion of our Payment Compliance program to ensure that we keep in line with developing PCI DSS, Mastercard/Visa/American Express mandates, and potential Money Transmitter regulations.
- Developing an audit program to further our PCI and HIPAA compliance program, and work with our PCI and HIPAA consultants to keep the compliance policies and procedures up to date.
- Supporting the implementation and administration of information security and privacy policies, procedures and tools to ensure the protection of networks, systems, data, and PHI.
- Developing training programs to keep staff up to date on compliance and educate them on the importance of PCI and HIPAA standards, as well as other internal controls.