Swedish Medical Center Chief Compliance and Privacy Officer in Seattle, Washington
Providence is calling a Chief Compliance and Privacy Officer to Swedish Health & Services in Seattle, WA.
This is an unparalleled opportunity for a Chief Compliance and Privacy Officer. As Chief Compliance Officer, ensures that Swedish Health Services’ Compliance Programs are consistent with the standards of conduct, ethical principles, and core values of Providence St. Joseph Health; and promote adherence to applicable Federal and State laws to advance the prevention of fraud, waste, and abuse, while providing quality healthcare to those served by Swedish Health Services. As Chief Privacy Officer, oversees all ongoing activities related to the development, implementation, maintenance, and adherence to System wide and Swedish Health Services policies and procedures covering the privacy of and access to patient protected health information (PHI) in compliance with applicable State and Federal laws.
The Chief Compliance and Privacy Officer (CPO) is responsible and accountable to provide direction and oversight to assure effective development, implementation, operational oversight and ongoing management of the Swedish Health Services compliance and privacy functions. The CPO is responsible for identifying and assessing areas of risk within the Swedish Health Services; implementing compliance training and education programs, addressing questions and concerns relating to compliance issues; implementing and maintaining appropriate auditing and monitoring of risk areas; overseeing adherence to compliance policies and procedures and working with the various facilities and business units to ensure appropriate personnel are in place to coordinate compliance efforts. Additional, where needed, investigates issues of noncompliance and/or works collaboratively with legal affairs to assure investigations are complete. Ongoing and communication and reporting with the chief Executive and the Swedish Board to provide updates on compliance and/or privacy risks and works with the PSJH Chief Risk Officer to assure that emerging risks are also communicated and/or considered for further action. The CPO works collaboratively with operations to share best practices, PSJH network of compliance and privacy professionals and the System Risk and Integrity Office to eliminate rework, and promote standardization.
In this position you will:
Ensure that the Service Areas effectively comply with system mandates for compliance infrastructure, and detect violations of law, regulations, or policies for Swedish Health Services and/or the PSJH System policies;
Maintain an appropriate tracking and reporting mechanism and proper documentation of reports, issues, and concerns as reported to the CPO or their designee;
Oversee of the other Swedish Compliance/Privacy functions, not under the direct reporting relationship but dotted line reporting relationship in the Swedish Health Services.
Assure appropriate infrastructure is established for compliance and privacy discussions enterprise wide;
Facilitate a multifaceted training and education program which focuses on compliance program elements to ensure that staff and contracted employees, and management have knowledge of and are aware of fraud and abuse risk areas and their responsibility for compliance with pertinent Federal and State standards.
Assure that the training and education programs include PSJH and Swedish Health Services compliance and privacy related policies and guidelines to all employees and others working in the health system;
Analyze and monitor data trends and reports from billing reviews (physician / hospital coding and documentation reviews, billing profiles) to identify potential high risk areas and improvement opportunities.
Work with appropriate personnel within the System Integrity Office, and the health system to ensure that internal controls are capable of detecting significant instances or patterns of illegal, unethical, abusive or inappropriate conduct by System employees, agents or others working in the Swedish Health Services;
Initiate an auditing and monitoring program for compliance with policies utilizing appropriate subject matter experts from internal/external resources.
Monitor (and/or audit) managements corrective action to ensure risk areas are resolved or mitigated to acceptable levels. Identify activities of other risk partners, i.e.: physician practices, clinical institutes, revenue cycle, etc. to avoid duplication and redundancies.
Work with Human Resources, collaborating to ensure that appropriate safeguards are in place to prevent hiring persons for management or other positions with responsibility who have a propensity or history of violating federal or state laws and regulations or engaging in improper or unethical conduct in the designated area of responsibility;
Establish and administer a process for investigating, adjudicating, and taking action on all compliance related issues and complaints following PSJH system direction and guidance.
Investigate and respond to matters related to compliance, including the flexibility to independently conduct investigations into reports of problems or suspected violations, and where necessary ensure timely development and implementation of corrective / disciplinary actions in response to any detected compliance deficiency in accordance with PSJH policy (Policy P-321). Assure communication and collaboration with System Risk and Integrity Office; and
Revise the Compliance Program periodically to be consistent with changes in laws, fraud and abuse alerts, periodic risk assessment outcome, government audit focus areas, and other clinical enterprise initiatives to maintain an effective Program. Represent Swedish Health Services and participate regularly in PSJH system wide meetings with ministry/affiliate compliance officers, privacy officers and Office of Legal Affairs.
Serve as the Swedish Health Services Chief Privacy Officer as required in the HIPAA Regulations.
Revise, develop and implement Privacy Policies and Procedures.Provide leadership, oversight, and direction for Privacy Compliance.Maintain process for receiving, documenting, tracking, investigating, and resolving patient (and employee) complaints regarding Protected Health Information (PHI).
Initiate an auditing and monitoring program for compliance with privacy policies utilizing appropriate subject matter experts from internal/external resources. Monitor (and/or audit) managements corrective action to ensure risk areas are resolved or mitigated to acceptable levels. This may include periodic site visits and/or surveillance of users' access to protected health information (PHI), as required by law. Identify activities of other risk partners, i.e.: IS, HR to avoid duplication and redundancies.
Participate in the development (including content approval) and implementation of mandatory education and training for employees in privacy (and security, where applicable).
Revise the Privacy Program periodically to be consistent with changes in laws, fraud and abuse alerts, periodic risk assessment outcome, government audit focus areas, and other clinical enterprise initiatives to maintain an effective Program.
Establish and administer a process for investigating, adjudicating, and taking action on all privacy related issues and complaints.
Report information pertaining to privacy activities and issues to Swedish Health Services’ senior leadership groups, the Compliance and Privacy Management Committees (or other named committees, as appropriate) to promote a culture of privacy, confidentiality and respect for patient privacy.Provide ongoing communication and reports to the Swedish Health Services board, as needed.
Manage the use and disclosure of PHI issues.
Resolve issues of non-compliance with HIPAA Regulations, including managing contact with OCR and other regulators.
Ensure compliance with privacy practices and consistent application of sanctions for violations of policies for Swedish Health Services workforce individuals and business associates in conjunction with Human Resources, Medical Staff, Administration, and Legal Counsel as necessary.
Work with PSJH System leaders and Senior Management to ensure Swedish Health Services maintains appropriate privacy documentation as required by law, e.g., HIPAA Notice of Privacy Practices, acknowledgment of receipt of the Notice, authorization forms, and business associate agreements.
Assist with monitoring Business Associate Agreements compliance and consult with the Office of Legal Affairs as needed.
Act as a liaison to the Information Security Officer and the Information Services Department for privacy matters.
Monitor changes in federal HIPAA and state regulations (especially state preemption) regarding privacy and of PHI.
Required qualifications for this position include:
Bachelor’s degree in Health Care related area or related field.
Master’s degree preferred.
10 years of experience in healthcare
4 years of Compliance and Privacy experience in a senior management position within a Hospital or Health system.
Understands the approaches and methods of process improvement.
Demonstrated knowledge of health care regulatory rules, regulations and guidelines and functional relationships between departments in operations.
Demonstrated presentation and communication skills to all levels of management and board representatives
Demonstrated experience in multi-faceted organizations not geographically located on one site. Project management and basic computer skills required.
SWEDISH HEALTH SERVICES
Swedish Health Services (Swedish) is the largest non-profit health provider in the Greater Seattle area. It is comprised of five hospital campuses (First Hill, Cherry Hill, Ballard, Edmonds and Issaquah), ambulatory care centers in Redmond and Mill Creek; and Swedish Medical Group, a network of more than 170 primary care and specialty clinics located throughout the Greater Puget Sound area. In addition to general medical and surgical care including robotic-assisted surgery, Swedish is known as a regional referral center, providing specialized treatment in areas such as cardiovascular care, cancer care, neuroscience, orthopedics, high-risk obstetrics, pediatric specialties, organ transplantation and clinical research.
Since 1910, Swedish has been the region's hallmark for excellence in healthcare. In an independent research study conducted by the National Research Corporation, Swedish is consistently named the area's best hospital, with the best doctors, nurses and overall care in a variety of specialty areas.
We offer a full comprehensive range of benefits — see our website for details
Our Non-Profit Mission: Improve the health and well-being of each person we serve.
Swedish is the largest nonprofit health care provider in the Greater Seattle Area. It is comprised of five hospital campuses (First Hill, Cherry Hill, Ballard, Edmonds and Issaquah); ambulatory care centers in Redmond and Mill Creek; and Swedish Medical Group a network of more than 183 primary care and specialty locations throughout the Great Puget Sound area. Swedish employs more than 13,000 employees and 4,200 physicians. Whether through physician clinics, health education, research and innovation or other means of outreach, we’re committed to caring for the people in our region and beyond. Swedish is proud to be an Equal Opportunity Employer. Swedish does not discriminate on the basis of race, color, gender, disability, protected veteran, military status, religion, age, creed, national origin, gender identity, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law.
Job Category: Leadership
Req ID: 161167