PROGRAM MANAGER SENIOR III
Director of Compliance & Privacy
|Department||MD Health Benefit Exchange|
|Date Opened||11/21/2022 11:32:00 AM|
|Filing Deadline||12/21/2022 11:59:00 PM|
|Salary||$96,496 - $140,887 with potential up to $155,248/year|
|HR Analyst||JasCiel Stamp|
LOCATION OF POSITION
Main Purpose of Job
- Provide key strategic direction to build and oversee a coordinated compliance program that meets regulatory requirements and reflects the Exchange’s unique characteristics and responsibilities.
- Chair and collaborate with the compliance committee to effectively incorporate the compliance program into the Exchange.
- Present quarterly updates to the Board of Trustees Finance and Compliance committee. Present an annual compliance report to the Board of Trustees.
- Initiate, facilitate and promote activities to foster compliance with the MHBE Code of Conduct, Compliance program, Fraud, Waste and Abuse reporting, and Privacy requirements and awareness within the agency.
- Maintain current knowledge of applicable federal and state privacy laws.
- Conduct analyses and advise senior managers about compliance implications of business decisions.
- Supervise and support direct reports fostering a collaborative teamwork environment with direct reports and the leadership team. Model commitment to a team environment that operates in alignment with MHBE values of diverse & inclusive, innovative, collaborative, and ethical.
- Develop an internal and external audit and monitoring program, to include the conduction of audits and systematic reviews in the investigation of fraud, waste, and abuse.
- Develop an annual compliance work plan reflective of key compliance strategies, initiatives, and a culture of compliance.
- Create an annual Audit plan that encompasses regulations, internal and external audits, and contract monitoring.
- Coordinate the development, implementation, and maintenance of internal controls (policies and procedures) across the Exchange.
- Oversee the coordination, preparation, and implementation of external, independent, State, and federal auditors and any commensurate corrective action plans,
- Coordinate with the federal Health and Human Services, Centers for Medicaid and Medicare Services, Center for Consumer Information and Insurance Oversight, Office of Attorney General, Office of Civil Rights, and other legal entity organization officers in any compliance reviews or investigations.
- Update employee orientation materials annually, as well as employee and external stakeholder training to include lessons learned, best practices and updates to federal and state regulations. Provide ad hoc training in the event regulations or best practice necessitates.
- Provide notice to stakeholders and their supervisors on completion of required training and any attestations related to Code of Conduct, Privacy and IT security procedure adherence, and IRS 1075 training. Inform Human Resources and IT Security as necessary.
- Work with staff responsible for contracts and procurement ensuring compliance with Section 31 of Maryland Insurance and 45 CFR 155 Privacy and IT Security
- Develop and implement a Privacy Program, to include a comprehensive privacy incident management system, Privacy Notice, consent process, and accounting of disclosures.
- Develop an annual privacy plan that incorporates privacy policies, procedures and practices, monitoring, and training.
- Develop standards and initiate periodic information privacy risk assessments; complete annual Privacy Impact Assessment and MARS-E v2.0 Privacy self-assessment as mandated by CCIIO and CMS, respectively.
- Coordinate the development of and maintain all official records regarding due diligence and compliance for all MHBE Non-Exchange Entities Agreements, Data Sharing or Use Agreements with State agencies, and any combination thereof, to meet Medicaid, CHIP and other state and federal benefit programs on compliance and privacy; and Survey units and update records periodically to ensure documents are available for Federal investigators review upon requests.
- Ensure annual and ongoing Personally Identifiable Information Inventory is completed and maintained to minimize access to, use and disclosure of consumer personally identifiable information (PII) to only that amount which is required for employees to complete their job functions, within and across the Exchange. The PII inventory includes inputs, processing and outputs of PII.
- Ensure MHBE maintains a robust consent process to ensure appropriate use and disclosure of consumer PII as well as an accounting of disclosure process.
- Coordinate with IT design, development, and security personnel to ensure privacy requirements are built into the design of the IT platforms.
- Liaison with vendor Privacy officials or designees to ensure they maintain privacy program and practices at a minimum of what MHBE is required to maintain.
- Lead and coordinate implementation of internal Privacy related corrective action plans, ensuring proactive reviews of pending regulations are integrated into the plans; and
- Conduct related ongoing privacy standards compliance monitoring activities for external vendors and ensure performance of ongoing monitoring of vendor corrective action plans
- Develop, implement, and manage a system for reporting and investigating suspected incidents of fraud, waste, and abuse.
- Investigate, or cause an investigation of individual and systemic problems, implementation of corrective actions and develop policy addressing the non-employment or retention of sanctioned individuals.
- Develop and manage enforcement procedures with appropriate Exchange officials regarding disciplinary action against employees who have violated internal compliance policies, applicable statutes, regulations, or federal health care program requirements.
- Experience developing and managing compliance programs including federal and state required compliance.
- Experience providing consultation to executive management and formulating strategy, driving change, and influencing decisions.
- Experience leading cross functional teams to develop and deliver enterprise-wide programs, initiatives, or projects.
DESIRED OR PREFERRED QUALIFICATIONS
- Experience with health care, insurance, regulatory interpretation, and/or government operations.
- Advanced degree in law, business or public administration, public health, or related field.
- Professional certification in corporate compliance or privacy (such as HCCA, SCCE, CHC, CHPC, CHRC, or other related certification).
Please make sure that you provide sufficient information on your application to show that you meet the qualifications for this recruitment. All information concerning your qualifications must be submitted by the closing date. We will not consider information submitted after this date. Successful candidates will be ranked as Best Qualified, Better Qualified, or Qualified and placed on the eligible (employment) list for at least one year.
The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.
Additional Leave & Retirement Benefits:
- Annual Leave - ten (10) days of accumulated annual leave per year
- Sick Leave - fifteen (15) days of accumulated sick leave per year
- Parental Leave - up to sixty (60) days of paid parental leave upon the birth or adoption of a child
- Holidays - State employees also celebrate at least twelve (12) holidays per year
- Pension - State employees earn credit towards a retirement pension
- 401(k) – State employees can contribute to a supplemental Retirement Plan