Director, Compliance & Privacy

📋 Description

• Develop and execute compliance initiatives with an emphasis on HIPAA and data governance, collaborating with Security, Technology, Legal, Operations, and other teams to prioritize projects, meet deadlines, and ensure deliverables are fulfilled.

• Identify deficiencies in compliance policy execution across various business units and regions, working alongside stakeholders to address these gaps.

• Stay updated on federal and state regulatory changes pertinent to LifeMD's operations.

• Draft, revise, and implement policies, procedures, and guidelines to guarantee adherence to relevant laws and regulations.

• Oversee the company's processes for HIPAA breach assessments and notifications, including communications with affected individuals and managing inquiries from external agencies, corrective action plans, and remediation efforts.

• Conduct internal compliance reviews and audits, including assessments of Business Associate Agreement (BAA) controls, audits of medical record access, and related activities.

• Manage compliance requirements for payer contracts concerning data controls, audits of third-party vendors, and offshore access to protected health information.

• Collaborate with Procurement, IT, and Security to review and negotiate BAAs, data protection addenda, and associated documents.

• Lead and engage in risk assessments, gap analyses, corrective action plans, and various compliance audits.

• Handle compliance investigations and resolve complaints in partnership with internal leaders and external legal counsel, as necessary.

• Prepare compliance tracking reports that cover data incidents, customer complaints, and business practices to identify opportunities for process improvements.

• Develop and manage employee compliance training programs focusing on HIPAA, fraud and abuse, and other issues particularly relevant to the business.

• Maintain up-to-date knowledge of applicable regulations and act as a subject matter expert for the organization on related compliance obligations.

• Assist in ensuring clinical processes and revenue collection comply with federal Fraud and Abuse laws, including the False Claims Act, Anti-Kickback Statute, Stark Law, and corresponding state regulations.

• Oversee the company's compliance newsletter to keep employees informed about significant compliance updates.

• Collaborate with the Chief Compliance Officer to enhance the company's AI Governance program.

⛳️ Requirements

• Bachelor's degree in a relevant field.

• 8+ years of experience in healthcare compliance, showcasing expertise in HIPAA compliance and OIG compliance program guidelines.

• Demonstrated capability to proactively identify and manage risks, and develop internal controls through collaborative efforts across functions.

• Strong understanding of federal and state healthcare laws, regulations, and compliance standards, including HIPAA and OIG compliance program requirements.

• Experience in adhering to federal healthcare Fraud and Abuse laws, including the False Claims Act, Anti-Kickback Statute, and Stark Law.

• Experience in coordinating compliance activities across multiple departments.

• Proficient in creating and updating essential compliance program documents such as compliance manuals, policies and procedures, work plan materials, training resources, committee agendas, and compliance alerts.

• Comprehensive understanding of privacy principles, policies, and technologies, with familiarity in privacy control frameworks.

• Good risk-based judgment, allowing compliance efforts and resources to be directed where they are most needed.

• Strong project management abilities, with a track record of meeting deadlines, prioritizing tasks, and managing multiple concurrent projects.

• Exceptional written and verbal communication skills, capable of effectively engaging with both technical and non-technical audiences.

• Experience in a managed care environment and/or knowledge of Medicare compliance requirements.

• Advanced degree or healthcare compliance certification such as CHC, CPCO, CHPC; IAPP certification such as CIPP or CIPM.

• Previous experience in a digital health or telemedicine company.

🏝️ Benefits

• Annual Salary: $150,000 - $165,000

• Health Care Plan (Medical, Dental & Vision)

• Retirement Plan (Roth 401k)

• Life Insurance (Basic, Voluntary & AD&D)

• Flexible PTO Policy

• Paid Holidays

• Short Term Disability

• Training & Development