Job Description

Description
Overview:
The Compliance & Privacy Partner reports to the Chief Compliance Officer of Emory Healthcare (CCO EHC) and is responsible for supporting the daily operations of the Emory Healthcare Office of Compliance Programs.
This role serves as a subject matter expert on regulatory compliance and privacy, supporting the implementation of compliance initiatives, conducting investigations, coordinating risk assessments, and providing guidance to departments and operating units.
The Partner ensures adherence to healthcare laws, regulations, and policies and plays an important role in education, policy development, and the administration of key programs including the Emory Trust Line and Conflict of Interest disclosures.
Principal Duties and Responsibilities:
Program & Policy Support:
1. Supports the development and execution of department goals and the annual work plan.
2. Provides operational support for the Emory Healthcare Compliance Program.
3. Assists in reviewing and updating privacy and compliance policies.
4. Supports compliance-related education in collaboration with the Director of Compliance Education.
5. Maintains awareness of applicable laws, regulatory changes, and ethical business practices.
6. Supports departments in implementing compliance-related policies and education.
Investigations & Risk Management:
1. Conducts investigations into patient privacy matters and breach incidents.
2. Coordinates breach risk analyses and disclosure data reporting to DHHS per the Privacy Rule.
3. Supports investigations of compliance violations, documents findings, and coordinates resolution.
4. Collaborates with internal and external legal counsel on compliance investigations and OCR requests.
5. Coordinates responses to HIPAA/privacy allegations with Risk Management and Patient Relations.
6. Collaborates with Risk Management to review SAFE reports related to privacy or compliance violations.
Audits & Regulatory Compliance:
1. Conducts audits and investigations, summarizes findings, and supports corrective action plans.
2. Supports regulatory and internal audit requests and documentation.
3. Collaborates with Internal Audit and Enterprise Risk Management for annual enterprise risk assessments.
4. Assists with compliance review of Business Associate Agreements and document revisions.
5. Collaborates with billing compliance teams on audit reviews and refund processes.
6. Assists with documentation and submission processes for government and regulatory requests.
Reporting & Governance:
1. Contributes to the preparation of materials and reports for the Management Compliance Committee (MCC) and Audit & Compliance Committee (ACC).
2. Supports Conflict of Interest (COI) and Conflict of Commitment (COC) disclosure processes and investigations.
3. Assists in managing the Emory Trust Line (Hotline) and ensures reported concerns are addressed per policies.
4. Promotes awareness of the Emory Trust Line and supports related employee outreach campaigns.
5. Coordinates with Emory University Compliance and Human Resources as needed.
Operational & Advisory Support:
1. Serves as a resource to operating units, departments, and staff on compliance matters.
2. Analyzes and addresses compliance concerns through regulatory research and periodic reviews.
3. Provides real-time compliance support to business units across Emory Healthcare.
4. Assists the CCO EHC on cross-functional compliance and privacy initiatives.
Minimum Required Qualifications Education:

• Bachelor's degree in healthcare or a business-related field

Experience:

• At least seven (7) years of experience in healthcare compliance

Certification:

• Certification in healthcare compliance or a comparable credential from a recognized industry association focused on regulatory compliance, auditing, or monitoring

Knowledge, Skills, and Abilities:
1. Strong understanding of healthcare compliance and privacy laws, including HIPAA and the False Claims Act
2. Proven experience in audits, investigations, and development of corrective action plans
3. Excellent written and verbal communication skills
4. Strong analytical and problem-solving capabilities
5. Proficient in Microsoft Office and other relevant healthcare systems
6. Ability to manage multiple projects and meet critical deadlines
Preferred Qualifications and Experience:

• Education: Master's degree
• Minimum of 5 years of experience with HIPAA, HITECH, and other healthcare privacy regulations.
• Strong experience with privacy risk assessments, audits, compliance monitoring, handling privacy incidents, breach investigations, and regulatory reporting.
• Strong experience with creating and facilitating compliance and privacy education.
• Certified in Healthcare Privacy Compliance (CHPC). If not certified, certification must be obtained within 12 months of hire.
• Experience in an Academic Medical Center

Hybrid work schedule requiring on-site 2-3 times weekly

Skills Required