Charles E. Smith Life Communities, which includes Hebrew Home of Greater Washington designated a U.S. News Best Nursing Home by U.S. News & World Report, is searching for a proven self-starting leader to work as its Director of Privacy Security and Compliance. This new leadership role offers you the opportunity to serve as a business partner to the leaders throughout our organization while allowing you to grow personally and professionally.
Charles E. Smith Life Communities (CESLC) is one of the largest and most highly regarded nonprofit elder care organizations in the nation. Founded in 1910 as the Hebrew Home for the Aged, CESLC now serves more than 1,100 older adults daily in multiple residences situated on a beautiful 38-acre campus in Rockville, Maryland. CESLC brings together six living options on its campus, each with its own warm personality and specialized services. There are choices for independent living, assisted living, and post-acute care, as well as long-term care and secure memory care.
Reporting to the CEO, the Director of Privacy Security and Compliance will be responsible for the development, implementation and oversight of the HIPAA Security and Privacy plans. They will coordinate and provide privacy and security training to workforce team members. The position will offer subject matter expertise regarding privacy and security compliance to leadership, and team members. The position will manage privacy incident response procedures and investigations, including those related to breach of PHI. Position consults with leadership, and other subject matter experts to identify compliance requirements, assess risks, and recommend compliant solutions that support business goals. Position collaborates with other departments (e.g. Quality/Risk Management, Information Technology, Human Resources, etc.) to direct compliance matters to appropriate existing channels for investigation and resolution. Position manages relationships with Business Associates, including ensuring that up-to-date Business Associate Agreements (BAA) or other appropriate agreements are in place and that BAA tracking is maintained.
- Develops, implements and monitors HIPAA privacy and security plans.
- Acts as the designated point of contact for HIPAA privacy, security and breach related matters.
- Ensures that reasonable safeguards and security measures exist, as well as proper leadership and team member training, so that Protected Health Information is maintained and is not improperly used or disclosed.
- Oversees the internal privacy related complaint resolution process.
- Ensures team members receive regular privacy awareness training.
- Maintain and monitor current National Provider Information for all CESLC covered entities.
- Oversees and conducts initial and periodic privacy and security risk assessments/audits and conducts related ongoing compliance monitoring activities.
- Oversees the implementation, distribution, and enforcement of the following documents/procedures: Notice of Privacy Practices and Authorization for Disclosure of Protected Health Information; conflict of interest statements; and Business Associate Agreements.
- Receives, evaluates and responds to alleged violations of rules, regulations, policies, procedures and standards of conduct, including those reported via the compliance hot line.
- Prepares and presents a privacy and security report to the executive team on a semi-annual basis.
- Develops, initiates, maintains, and revises policies and procedures for the general operation of the compliance program and its related activities to prevent illegal, unethical, or improper conduct.
- Plans and directs efforts related to monitoring and auditing of risk areas, including establishing standards, processes, and assessment and tracking tools to evaluate compliance with regulations, policies, procedures and internal control processes. Analyzes, monitors and audits outcomes to determine operations' compliance with regulatory requirements.
- Bachelor's Degree in related field required. Master's Degree in related field considered a plus.
- Minimum three years of experience in a healthcare provider organization or in a Legal, Compliance, HIPAA, or related consulting field required.
- Ability to work effectively in a team environment.
- Good analytical, organizational, planning, verbal and written communication skills.
- Certification in Security and/or Privacy strongly preferred.
We offer a competitive salary and excellent benefits in a friendly, fast-paced, team-oriented environment. To learn more, please send resume and salary requirements to: Charles E. Smith Life Community, Attn: Chris Stamps, 6121 Montrose Road, Rockville, MD 20852, Fax (301) 770-8511; EOE Company Website: http://smithlifecommunities.org