Everyone who works with Mercy Health is united under one purpose: to help our patients be well in mind, body and spirit. This drive, along with our history of faith, is a powerful combination. It gives us a shared calling to work toward every day. Join our exceptional team and help us continue to provide the highest quality of health care possible to our communities.

SYSTEM DIRECTOR, COMPLIANCE | Work From Home/Remote

WFH/Remote anywhere in the US (Eastern/Central Time Zone Preferred)

*We operate in the Eastern Time Zone*

Reports to: Vice President of Privacy and Compliance

Primary Function/General Purpose of Position

Under the direct supervision of the Vice President of Privacy and Compliance, this position contributes to the Bon Secours Mercy Health mission and vision by developing and implementing the compliance program for assigned areas of responsibility. This position oversees and provides compliance related activities relative to Bon Secours Mercy Health operations conducted at local and remote locations and leads ad hoc compliance investigations, education, auditing, and monitoring.

Essential Job Functions

• ​Support the BSMH Compliance program, including application of leading practice approaches to identification, assessment, and mitigation of risks, auditing and monitoring, workplan development, education of operational leaders on regulatory requirements, establishing functional compliance committee, and implementing compliance policies

• Serve as the subject matter expert within assigned areas of responsibility including data privacy, security, analytics and artificial intelligence by staying up-to-date with current and emerging regulations and government agency guidance including OCR, CMS, TJC, NIST, OIG, FTC, FDA, ONC, State Medicaid and/or other relevant state/federal agencies

• Conduct audits and monitoring of assigned areas evaluating their compliance with relevant regulations (e.g., HIPAA, HITECH), industry standards, internal policies, and provide recommendations for improvement

• Provide advice/consultation to functional leadership regarding initiatives to assist in mitigating risks to the organization and facilitate strategic initiatives. This will include education and training sessions on emerging risk areas, policy & procedure development, governance, and risk frameworks

• Lead advanced investigations across the ministry relative to assigned areas, working collaboratively with HR, IT, Cybersecurity, Risk, Legal, and other BSMH Partners.

• Develops monitoring and auditing protocols/tools specific to assigned areas

• Develop and implement security compliance policies and procedures related to the HIPAA security rule. Identify and implement artificial intelligence applications to facilitate compliance program effectiveness. Provide data analytics techniques, statistical analysis, and modeling, through databases developed internally, or in conjunction with other third-party vendors to detect, monitor, and audit potential compliance issues

• Participates in various ad-hoc and/or established BSMH committees to provide updates and perspective, and shares identified risks with Compliance Leaders for awareness and collaboration.

• Develop educational content and trending of non-compliant activities to enhance proficiency and competency, understanding of standards and the consequences of non-compliance. Prepares multi-faceted oral, written and electronic communications and presentations to facilitate discussion, networking, decision-making and proactive responses to meet current and emerging challenges among affected parties and entities.

• Hire, train, coach, counsel, manage and evaluate performance of direct reports within assigned areas

Licensing/Certification

Certified in Healthcare Compliance (required)

Certified Information Privacy Professional (preferred)

Certified Information Systems Security Professional (preferred)

Certified in Healthcare Security (CHS) (preferred)

Certified Information Security Manager (CISM), (preferred)

Certified Artificial Intelligence Governance Professional (preferred)

Education

Bachelor's Degree in related field

Master level degree in a related field or Juris Doctor

Bachelor of Computer Science (preferred)

Bachelor of Cybersecurity (preferred)

Bachelor of Science in Health Informatics (preferred)

Master in informatics, computer science, law, business or related field (preferred)

Work Experience

8-10 years of experience managing compliance data privacy and/or security within healthcare

5+ or more years of experience working in a cybersecurity role (preferred)

Skills

• In-depth knowledge of industry-relevant data security and compliance regulations, standards, and audit frameworks such as SOC, ISO.

• Proficient in Microsoft Office including SharePoint, Smartsheets, Outlook, PowerPoint, Excel and Word.

• Strong understanding of information security and privacy standards and best practices related to data confidentiality.

• Strong knowledge of applicable federal, state and local laws, regulations and policies pertaining to health care and cyber-security compliance matters.

• Demonstrated ability to independently identify, analyze, and propose and move forward with solutions, and ability to problem solve to find answers and solutions while using sound judgment

• Demonstrated ability to manage multiple or competing priorities and cross functional teams

• Strong analytical skills with the ability to interpret and present data effectively.

• Experience with interpreting state and federal requirements applicable to the organization, assessing their impact and making recommendations to operational stakeholders to ensure compliance.

• Excellent analytic and problem-solving skills to report, identify compliance risks and prioritize recommendations.

• A leader who will inspire confidence with key stakeholders, build consensus, influence others, maintain credibility and effectively lead teams

• Demonstrated ability to collaborate effectively with cross-functional teams, build relationships with key stakeholders, leaders, and influence others to achieve compliance objectives

• Excellent analytical, communication and critical thinking skills with intuitive ability to appropriately escalate matters based on potential risk to the organization.

• Ability to develop unique and novel solutions to problems; view change as necessary.

• Responds well under pressure; accepts delegation while simultaneously serving as a coach/mentor/supporter to subordinates

• Robust organizational skills with attention to deadlines, details, and accountability

• High degree of integrity and ability to maintain confidentiality

• Willing to learn, admit to mistakes and have an open mindset to new avenues

Many of our opportunities reward* your hard work with:

Comprehensive, affordable medical, dental and vision plans
Prescription drug coverage
Flexible spending accounts
Life insurance w/AD&D
Employer contributions to retirement savings plan when eligible
Paid time off
Educational Assistance
And much more

*Benefits offerings vary according to employment status

All applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, sexual orientation, gender identity, age, genetic information, or protected veteran status, and will not be discriminated against on the basis of disability. If you'd like to view a copy of the affirmative action plan or policy statement for Mercy Health – Youngstown, Ohio or Bon Secours – Franklin, Virginia; Petersburg, Virginia; and Emporia, Virginia, which are Affirmative Action and Equal Opportunity Employers, please email recruitment@mercy.com. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact The Talent Acquisition Team at recruitment@mercy.com