The Compliance and Privacy Official is responsible for providing strategic direction and oversight for the organization's corporate compliance and privacy programs, ensuring alignment with evolving healthcare regulations, industry standards, and internal policies. As a key advisor to executive leadership, the Board of Directors, and governance committees, the role fosters a culture of ethics, accountability, and transparency across the enterprise.
The Compliance and Privacy Official leads a team of compliance and privacy professionals, driving continuous improvement and operational excellence. This role is critical for risk mitigation, regulatory readiness, and the development of policies and practices that safeguard patient and organizational data.
Responsibilities include but are not limited to:
Privacy Program Leadership:
Oversee the organization’s Privacy Program, including HIPAA and GDPR compliance.
Lead cross-functional efforts to investigate and resolve privacy incidents.
Corporate Compliance Oversight:
Manage the Compliance and Ethics Program, including the Code of Business Conduct and annual reporting to leadership and the Board.
Address compliance issues in collaboration with internal stakeholders.
Government Programs Compliance:
Serve as the subject matter expert for Medicare Part D and other government program compliance.
Chair the MPDP Compliance Committee and report findings to senior leadership.
Team Leadership:
Lead and develop a high-performing compliance and privacy team, fostering professional growth and a positive, inclusive work environment.
Systemwide Engagement:
Promote best practices and coordinate incident response efforts across the system.
Training & Education:
Oversee compliance and ethics training programs for Blue Plan Compliance leaders.
Required Education, Certifications and Experience:
Education:
Experience:
12+ years of experience in the healthcare industry with demonstrated knowledge of regulatory, privacy (HIPAA), and compliance and ethics issues (Required)
Knowledge Skills and Abilities:
Understanding of data security technologies and privacy program administration
Certifications & Licenses:
Preferred: Licensed Attorney (varies by state) - Various
Preferred: Professional, Academy for Health Care Management (PAHM) - AHIP
Preferred: Certified Information Privacy Professional (CIPP) - IAPP
Additional Information:
Minimum twelve years' experience in the healthcare business arena with demonstrated knowledge of current regulatory and compliance and ethics issues, including knowledge of and experience working with Centers for Medicare and Medicaid Services/Medicare compliance requirements.
Experience managing privacy programs subject to healthcare laws and regulations, including HIPAA.
Must have at least one year of experience managing privacy programs subject to healthcare laws and regulations, and a proven track record of leading and implementing regulatory compliance initiatives.
Direct experience with CMS/Medicare compliance requirements is required.
Proven record in leading and implementing regulatory compliance programs.
The posted salary range is the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the hiring range and this hiring range may also be modified in the future. A candidate’s position within the hiring range may be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, relevant experience, skills, seniority, performance, shift, travel requirements, and business or organizational needs. This job is also eligible for annual bonus incentive pay.
We offer a comprehensive package of benefits including paid time off, 11 holidays, medical/dental/vision insurance, generous 401(k) matching, lifestyle spending account and many other benefits to eligible employees.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.