We are seeking an experienced Director of Compliance to lead and oversee our compliance programs. This role is responsible for ensuring the organization’s technology systems, processes, and data handling practices meet healthcare regulations and standards, and ensures the organization adheres to regulatory requirements such as HIPAA, SOC2, PCI and HITECH.

The ideal candidate will have a deep understanding of healthcare compliance, data security, and regulatory requirements and will collaborate closely with senior leadership to foster a compliance-driven culture within the company.

Key Responsibilities:

• Develop, implement, and maintain compliance programs specific to healthcare IT, ensuring adherence to all applicable regulations, including HIPAA, HITECH, and other federal, state, and industry regulations.
• Lead the creation and enforcement of compliance policies and procedures related to data privacy, security, and regulatory adherence.
• Manage internal compliance audits, identify areas for improvement, and ensure timely corrective actions. Oversee investigations related to compliance violations, data breaches, or privacy concerns.
• Develop and enforce policies (I think HR/Janine is part of enforcement) related to data protection, privacy, and secure handling of electronic health records (EHRs) and other sensitive data.
• Foster a culture of compliance and data security awareness across the organization.
• Stay up-to-date with changes in healthcare regulations and standards. Prepare and submit necessary reports to regulatory agencies, and communicate regulatory updates to key stakeholders.
• Work with external partners, vendors, and third parties to ensure their compliance with healthcare standards and company policies. Conduct due diligence and regular assessments of vendor compliance practices.
• Respond to Security Assessment Questionnaires from Prospects and Customers