We’re looking for a Director of Compliance and Privacy to join our PharmScript team within our Corporate Compliance department. As a Director of Compliance and Privacy, you will be responsible for developing, implementing, and directing a comprehensive compliance and privacy program for PharmScript in accordance with federal and state requirements and guidance, as well as organizational policies and procedures.
Reporting to and under the direction of PharmScript’ s Chief Compliance Officer, the Director is responsible for promoting a culture of compliance and ensuring that PharmScript has appropriate administrative, technical, and physical safeguards to protect (and access) the privacy of protected health information and personal information and ensure members' rights are protected in compliance with federal and state laws. Such responsibilities include policy and procedure development and enforcement, training and education, and investigation and response to compliance and privacy issues and complaints. The Director of Compliance and Privacy will serve as PharmScript’s Privacy Officer and serves as an organizational resource on the laws, regulations and internal policies pertaining to privacy, health information, compliance, protected health information, and personal information.
The ideal candidate will have strong attention to detail and is an effective communicator. They are always a team player, eager to jump in where needed and collaborate with others to support the goals of the pharmacy and needs of customers.
- Oversee and monitor the implementation of the privacy programs and initiatives for PharmScript.
- Develop, implement, maintain, and oversee compliance and privacy-related policies and procedures of the organization and work closely with the Chief Security Officer on information security-related policies and procedures.
- Analyze client, vendor, and other entities’ requests for disclosure of member PHI/PI and determine applicable Confidentiality and Non-Disclosure Agreements, Business Associate Agreements or Privacy & Security Agreements required and coordinate process for issuing the applicable Agreements and maintaining database of Agreements. Review requested changes to issued Agreements and escalate to Chief Compliance Officer for any material changes.
- Conduct investigations of compliance and privacy-related complaints and respond to compliance and privacy-related inquiries from workforce members, health plan members, the compliance hotline, or other sources. This work includes responding timely to incidents and inquiries received, documenting the work and actions taken in a central database, and tracking investigations and inquiries.
- Based on outcomes of compliance and privacy-related investigations, oversee and coordinate reporting to individuals, state and federal authorities, as appropriate.
- Conduct risk assessments and develop work plans to address identified risks, including conducting audit and monitoring activities.
- Develop, implement, maintain and oversee training and education programs for compliance and privacy issues for the organization, including, for example, new employee orientation, annual online training and department-specific training.
- Develop and implement (or oversee implementation of) corrective action plans in response to complaints and investigations.
- Cooperate with U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) and other federal and state entities, in any privacy program audits, inquiries or investigations.
- Stay current with relevant federal and state compliance and privacy related laws and regulations and modify the compliance and privacy program accordingly to remain compliant, as well as consistent with industry best practices.
- Provide compliance and privacy related reports to PharmScript Leadership and Board of Directors.
- Bachelor’s degree or equivalent work experience required.
- 3-5 years of healthcare compliance, privacy, or other compliance related function requirements, that includes 2 years of experience managing an effective and comprehensive organization-wide privacy program that includes the protection and security of protected health information, auditing, investigations, communication and training.
- Highly prefer Certification in Healthcare Privacy Compliance (CHPC) or Certification in Healthcare Compliance (CHC).
- Knowledge and experience in information privacy laws, access, release of information, and corporate compliance.
- Outstanding computer, oral and written communication skills
- Strong organizational and project management skills
- Demonstrated ability to handle multiple priorities in a dynamic, fast-paced environment
Skills and Abilities:
- Attention to detail
- Collaboration Skills
- Decision Making
- Performance Management
- Problem Solving/Analysis
- Technical Capacity