System Director Compliance

Thank you for considering a career at Bon Secours Mercy Health!

Scheduled Weekly Hours:

40

Work Shift:

Days (United States of America)

SYSTEM DIRECTOR, COMPLIANCE | Work From Home/Remote

WFH/Remote anywhere in the US (Eastern/Central Time Zone Preferred)

*We operate in the Eastern Time Zone*

Reports to: Vice President of Privacy and Compliance

Primary Function/General Purpose of Position

Under the direct supervision of the Vice President of Privacy and Compliance, this position contributes to the Bon Secours Mercy Health mission and vision by developing and implementing the compliance workplan for assigned areas including an emphasis on cybersecurity.  This position oversees and provides compliance related activities relative to Bon Secours Mercy Health operations conducted at local and remote locations and leads adhoc compliance investigations, education, auditing and monitoring.

Essential Job Functions

​Implement the BSMH Compliance program, including application of leading practice approaches to identification, assessment, and mitigation of risks, auditing and monitoring, workplan development, education of operational leaders on laws and regulations, establishing functional compliance committee, and implementing compliance policies

Serve as the subject matter expert within assigned areas including cybersecurity and artificial intelligence by staying up-to-date with applicable laws, regulations and government agency guidance including OCR, CMS, TJC, NIST, OIG, FTC, FDA, ONC, State Medicaid and/or other relevant state/federal agencies

Conduct audits and monitoring of assigned areas evaluating their compliance with relevant regulations (e.g., HIPAA, HITECH), industry standards, internal policies, and provide recommendations for improvement

Provide advice/consultation to functional leadership regarding initiatives to assist in mitigating risks to the organization. This will include education and training sessions on emerging risk areas, policy & procedure development, governance, and risk frameworks

Lead advanced investigations across the ministry relative to assigned areas.  Works collaboratively with IT, Cybersecurity, Risk, Legal, and other BSMH Partners to conduct interviews, document investigatory steps, and makes corrective action recommendations

Develops monitoring and auditing protocols/tools specific to assigned areas

Create and oversee the implementation of new security compliance policies and procedures

Identify and implement artificial intelligence applications that provide data analytics techniques, statistical analysis and modeling, and databases developed internally, or in conjunction with other third-party vendors to detect, monitor, and audit potential compliance issues

Participates in various ad-hoc and/or established BSMH committees to provide updates and perspective, and shares identified risks with Compliance Leaders for awareness and collaboration.

Identifies the need and develops educational content and trending of non-compliant activities to enhance proficiency and competency, understanding of standards and the consequences of non-compliance.  Prepares multi-faceted oral, written and electronic communications and presentations to facilitate discussion, networking, decision-making and proactive responses to meet current and emerging challenges among affected parties and entities.

Hire, train, coach, counsel, manage and evaluate performance of direct reports within assigned areas

Licensing/Certification

Certified Information Systems Security Professional (preferred)

Certified in Healthcare Security (CHS) (preferred)

Certified Information Security Manager (CISM),

Certified Artificial Intelligence Governance Professional (preferred)

Certified in Healthcare Compliance (preferred – must be obtained within 1 year of hire)

Certified Information Privacy Professional (preferred)

Education

Bachelor's Degree in related field 

Bachelor of Computer Science (preferred)

Bachelor of Cybersecurity (preferred)

Bachelor of Science in Health Informatics (preferred)

Master in informatics, computer science, law, business or related field (preferred)

Juris Doctor (preferred)

Work Experience

5-10 years of experience managing compliance, privacy and/or security for an organization as an individual or as part of managing a team that owned this as their primary responsibility.

5+ or more years of experience working in a cybersecurity role (preferred)

Skills

In-depth knowledge of industry-relevant data security and compliance regulations such as SOC, ISO.

Knowledge of security standards and audit frameworks (e.g., SOC, ISO).

Proficient in Microsoft Office including SharePoint, Smartsheets, Outlook, PowerPoint, Excel and Word.

Strong understanding of information security and privacy standards and best practices related to data confidentiality.

Strong knowledge of applicable federal, state and local laws, regulations and policies pertaining to health care and cyber-security compliance matters.

Demonstrated ability to independently identify, analyze, and propose and move forward with solutions, and ability to problem solve to find answers and solutions while using sound judgment

Demonstrated ability to manage multiple or competing priorities and cross functional teams

Strong analytical skills with the ability to interpret and present data effectively.

Experience with interpreting state and federal requirements applicable to the organization, assessing their impact and making recommendations to operational stakeholders to ensure compliance.

Excellent analytic and problem-solving skills to report, identify compliance risks and prioritize recommendations.                       

A leader who will inspire confidence with key stakeholders, build consensus, influence others, maintain credibility and effectively lead teams

Demonstrated ability to collaborate effectively with cross-functional teams, build relationships with key stakeholders, leaders, and influence others to achieve compliance objectives

Excellent analytical, communication and critical thinking skills with intuitive ability to appropriately escalate matters based on potential risk to the organization.

Ability to develop unique and novel solutions to problems; view change as necessary.

Responds well under pressure; accepts delegation while simultaneously serving as a coach/mentor/supporter to subordinates

Robust organizational skills with an attention to deadlines, details, and accountability

High degree of integrity and ability to maintain confidentiality

Willing to learn, admit to mistakes and have an open mindset to new avenues.

Bon Secours Mercy Health is an equal opportunity employer.

Many of our opportunities reward* your hard work with:

• Comprehensive, affordable medical, dental and vision plans
• Prescription drug coverage
• Flexible spending accounts
• Life insurance w/AD&D
• Employer contributions to retirement savings plan when eligible
• Paid time off
• Educational Assistance
• And much more

*Benefits offerings vary according to employment status.

Department:

SS Enterprise Risk - Corp Responsibility

It is our policy to abide by all Federal and State laws, as well as, the requirements of 41 CFR 60-1.4(a), 60-300.5(a) and 60-741.5(a). Accordingly, all applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, genetic information, or protected veteran status, and will not be discriminated against on the basis of disability. If you’d like to view a copy of the affirmative action plan or policy statement for Mercy Health– Youngstown, Ohio or Bon Secours – Franklin, Virginia; Petersburg, Virginia; and Emporia, Virginia, which are Affirmative Action and Equal Opportunity Employer, please email [email protected]. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact The Talent Acquisition Team at [email protected].