Description
Company : Highmark Health Job Description : JOB SUMMARY This job is responsible for planning, designing, implementing, and maintaining the enGen Compliance Program and its related policies to ensure the business acts within the parameters of federal and state laws, regulations, and regulatory guidance. The incumbent is also responsible for the administration, interpretation, and enforcement of the Compliance Program including auditing/monitoring operational processes, conducting or overseeing compliance investigations, and ensuring that adequate training takes place under the Compliance Program. In this capacity, the incumbent is responsible for the collaborative and iterative development of the risk and compliance plan for these entities across all areas in the enterprise risk taxonomy. Through matrixed leadership with Risk Operations and with support from Risk Enablement, the incumbent monitors and tracks the delivery of risk activities, including but not limited to internal and external audit progress, recurring risk and compliance reporting, mandated training, investigations, and the impacts of new and changing laws, regulations, and contractual relationships. The incumbent must have extensive knowledge of the applicable federal and state rules as well as a solid working knowledge of managed care operations, compliance program structures, information security and audit methodologies. The incumbent must also have a foundational understanding of privacy regulations, including in-depth knowledge of HIPAA and possess the ability to perform a privacy risk assessment. The incumbent must have the highest level of integrity and ethics and demonstrate professional representation of the company. ESSENTIAL RESPONSIBILITIES Matrixed working relationship with Risk Operations and Strategic Risk Partner to define the development, implementation and maintenance of an effective compliance and risk management program for the supported entities. This includes, but is not limited to education and training requirements, reporting and intake protocols, monitoring and implementation of new or changing regulatory requirements, risk assessment and audit execution, risk treatment plans, policy and procedure maintenance, response and investigation procedures and compliance expectations. Acts as a thought partner and advisor to business leaders to ensure business decisions are managed according to the enterprise risk strategy / framework. Participates in and understands the business operations and strategy. Serves as a single point of contact for the business’ risks, compliance, privacy and security needs, and partners closely with legal counsel on all efforts. Provide proactive guidance, education, and information to senior management, so that leaders remain informed and aware of risks, requirements, mitigation strategies, and management’s responsibilities. Leads and participates in discussions or presentations to existing Compliance or Risk Committees and the Audit & Compliance Committee meetings of the Board. Gathers data and prepares reports for senior management and Board of Directors as needed. Ensure reporting obligations are met. Participates on various risk committees and may represent their entity when appropriate. Informs business of risk related activity for that BU, ensures awareness and monitors execution. Tracks, monitors and reports on risk operations for the assigned Business Unit (BU) using the standard metrics and reporting created by risk enablement. Through understanding of the business strategy, proactively identifies and addresses risk in partnership with the risk operations and legal functions, and the business leaders. Serves as a single point of contact to respond and intake risk from the senior leadership team, and follows protocol to triage. Participate in the development and implementation of the enterprise’s risk strategy for effective risk and compliance program governance; intended to strategically and proactively mitigate risk, and promptly detect and correct instances of non-compliance. This includes but is not limited to formal risk assessment processes and the development and implementation of an annual audit plan. Liaise with external regulators or enforcement bodies interacting with the assigned BU per defined communication and legal protocols. Ensure completion of all education and training initiatives and requirements and identify priorities for focus for the accountable entities. Respond to reports of real or potential instances of non-compliance, including coordination and facilitation of internal investigations including the analysis of facts, recommendations for resolution, risk treatment and corrective action plans. Work with legal counsel to ensure timely notice or disclosure of incidents or issues as appropriate/required. Ensure all reported matters are addressed in a timely and responsible manner in compliance with corporate policy, state and federal law and best practices. Maintain a strong working knowledge of the regulatory landscape. Other duties as assigned or requested. EDUCATION Required Bachelor's Degree in Business, Finance, Health Administration, Public Health, Public Administration, Legal, Accounting or related field, or relevant experience and/or education as determined by the company in lieu of bachelor's degree. Preferred Master’s Degree in Business, Finance, Health Administration, Public Health, Public Administration, Legal, Accounting or related field EXPERIENCE Required 7 years in compliance, privacy, government affairs, healthcare operations, risk, audit, or legal functions 5 years in a management or leadership role Preferred 10 years in compliance, privacy, government affairs, healthcare operations, risk, audit, or legal functions 5 years in Healthcare Compliance or Privacy LICENSES or CERTIFICATIONS Required None Preferred (Any of the Following) Certified Public Accountant (CPA) Certified Internal Auditor (CIA) Certified Fraud Examiner (CFE) Certified in Healthcare Compliance (CHC) Certified Compliance and Ethics Professional (CCEP) SKILLS Broad-based business knowledge as well as in-depth knowledge of the insurance industry, strategic compliance planning, regulatory concerns, compliance requirements, and corporate integrity principles. Excellent oral, written, and presentation skills, as well as conceptual and analytic skills in order to review and articulate corporate objectives and regulations across all relevant audiences. High-level of skill in leading interdepartmental and cross-functional strategy development. Experience with managed care, Medicare and federal and/or state regulations, quality improvement and compliance oversight. The ability to comprehend and interpret regulatory, legislative, and contractual mandates. Experience managing multiple projects and managing professional staff on numerous projects to ensure corporate deadlines and objectives are met. The utmost integrity in the discreet and confidential handling of confidential materials is necessary Language (Other than English): None Travel Requirement: 0% - 25% PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS Position Type Office-based Teaches / trains others regularly Occasionally Travel regularly from the office to various work sites or from site-to-site Frequently Works primarily out-of-the office selling products/services (sales employees) Never Physical work site required Yes Lifting: up to 10 pounds Constantly Lifting: 10 to 25 pounds Occasionally Lifting: 25 to 50 pounds Rarely Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job. Compliance Requirement: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies. As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability. EEO is The Law Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity (https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf) We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below. For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org California Consumer Privacy Act Employees, Contractors, and Applicants Notice Highmark Health is a national, blended health organization that includes one of America’s largest Blue Cross Blue Shield insurers and a growing regional hospital and physician network. Based in Pittsburgh, Pa., Highmark Health’s 35,000 employees serve millions of customers nationwide through the nonprofit organization’s affiliated businesses, which include Highmark Inc., Allegheny Health Network, HM Insurance Group, United Concordia Dental, HM Health Solutions and HM Home & Community Services. Highmark Health’s businesses proudly serve a broad spectrum of health-related needs including health insurance, health care delivery, population health management, dental solutions, reinsurance solutions, and innovative, technology solutions.