Compliance and Privacy Manager

Burlington, MA • Lahey Hospital and Medical Center • Full-time • Day
Share job:
Apply now

When you join the growing BILH team, you're not just taking a job, you’re making a difference in people’s lives.

Onsite availability 1-2 per week.

The Compliance and Privacy Manager serves as a key member of the BILH Compliance and Privacy Program and reports directly to the Executive Director, Compliance and Privacy Officer. The Manager is responsible for independently overseeing and advancing compliance and privacy initiatives across BILH, ensuring adherence to the Code of Conduct, organizational policies, federal and state regulations, and industry standards related to healthcare compliance, patient privacy, and information security.

The Manager exercises independent judgment in the identification, assessment, investigation, escalation, and resolution of compliance and privacy matters and serves as a trusted advisor to operational, clinical, and administrative leadership.

The position maintains a high degree of visibility throughout the organization and collaborates with leaders at all levels to strengthen a culture of compliance, accountability, ethical conduct, and privacy protection.

Responsibilities include:
· Leading and independently managing compliance and privacy investigations and reviews.
· Leading entity management and leadership compliance meetings.
· Providing strategic compliance and privacy guidance to leadership and business partners.
· Developing, implementing, and maintaining policies, procedures, standards, and guidance.
· Leading risk assessment, auditing, monitoring, and compliance improvement initiatives.
· Developing and delivering training, education, and communication programs.
· Serving as a subject matter expert on compliance, patient privacy, and information security matters.
· Escalating significant risks and trends to Compliance and Privacy leadership, recommending corrective actions.
· Participate in program development, regulatory readiness, and enterprise-wide compliance and privacy objectives.

Job Description:

1. Use expert knowledge of federal, state, local, regulations and guidance, Code of Conduct, investigatory best practices, confidentiality, and policies and procedures to independently conduct, manage, and oversee compliance and privacy investigations, reviews, and inquiries. Exercise independent judgment in determining investigative scope, identifying root causes, evaluating risk, formulating findings, recommending corrective actions, and escalating significant matters to leadership as appropriate.

2. Training, communication, and advisory services: Work with BILH leadership to identify, develop, and implement continuous training and communication to the BILH community, enhancing workforce awareness. Provide proactive consultation and strategic guidance to leaders and business partners regarding privacy, security, regulatory, and compliance risks and obligations.

3. Serves as a subject matter expert and trusted advisor on patient privacy, information security, and healthcare compliance issues to all areas and all levels of the BILH community. Represent Integrity and Compliance on organizational committees related to patient privacy and information security and general compliance matters.

4. Anticipate reporting requirements and lead in the development of materials and updates for Integrity and Compliance and BILH leadership. Perform data analysis, identify trends, develop dashboards and metrics, and prepare executive-level reports, presentations, visualizations and recommendations.

5. Lead, coordinate and perform auditing and monitoring activities pertaining to privacy, security, and compliance. Ensure routine monitoring requirements, such as exclusion checks and related activities are performed in a timely and efficient manner. Recommend corrective actions and validate implementation of remediation plans were deficiencies are identified.

6. Participate in the development of patient privacy and information security monitoring activities, collaborating with stakeholders as necessary to ensure coordinated and effective reviews. Assists outsourced Internal Audit in the performance of internal audits, as needed.

7. Assist with the risk assessment and management process: Conduct and participate in risk assessment planning and implementation. Analyze issues using standardized risk methodology. Identify and communicate high risk areas and issues as appropriate.

8. Participate in the continuous quality improvement of BILH operations in partnership with leadership, including monitoring and improving Compliance customer service, compliance with regulations, and related electronic systems.

9. Identify weaknesses and deficiencies, and provide input to BILH leadership on how to enhance the quality and efficiency of the work performed.

10. Identify deficiencies and advise on how to achieve compliance with regulatory requirements in an efficient manner. Conduct ongoing review of policies and procedures, working with leadership to ensure correction and education as necessary. Ensure that local, state, and federal regulations and guidelines are correctly applied and appropriately described in policies, procedures, and guidance. Lead or oversee the drafting, revision, implementation, and maintenance of compliance and privacy policies.

Minimum Qualifications

Education: Bachelor's degree required

Licensure, Certification & Registration: Professional certification is preferred, e.g. Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified in Healthcare Compliance (CHC), Certified HIPAA Professional (CHP).

Experience: Minimum 4 years related work experience required in patient privacy or information security, and hospital and/or academic medical center healthcare compliance. Advanced degree could be considered in addition to years of experience.

Skills, Knowledge & Abilities: Must have specific HIPAA and HITECH knowledge and experience. Fluency in federal and state laws, regulations, and guidance related to patient privacy and information security. Demonstrated ability to exercise leadership and formal/informal influence skills. Ability to effectively work both independently and in a team environment. Exceptional organizational abilities, oral and written communication skills, and interpersonal skills. Ability to operate and communicate effectively while meeting multiple deadlines and completing projects simultaneously.

Ability to interact in a positive, productive manner with staff, faculty, leadership, patients, vendors, and others (demonstrating sensitivity, tact, and professionalism). Good judgment and creative/original thinking to address evolving requirements related to healthcare compliance and patient privacy and information security. Advanced skills with Microsoft applications which may include Outlook, Word, Excel, PowerPoint or Access and other web-based applications. May produce complex documents, perform analysis and maintain databases.

 

 

Pay Range:

$110,000.00 USD – $140,000.00 USD

The pay range listed for this position is the annual base salary range the organization reasonably and in good faith expects to pay for this position at this time. Actual compensation is determined based on several factors, that may include seniority, education, training, relevant experience, relevant certifications, geography of work location, job responsibilities, or other applicable factors permissible by law. 

As a health care organization, we have a responsibility to do everything in our power to care for and protect our patients, our colleagues and our communities. Beth Israel Lahey Health requires that all staff be vaccinated against influenza (flu) as a condition of employment.

More than 35,000 people working together. Nurses, doctors, technicians, therapists, researchers, teachers and more, making a difference in patients' lives. Your skill and compassion can make us even stronger.

Equal Opportunity Employer/Veterans/Disabled

Similar jobs

Go to Top