Location: Remote (*select states)
Company Overview: Applied Research Works, Inc. is a forward-thinking organization dedicated to operationalizing value-based care. We are seeking a highly skilled and collaborative Regulatory Compliance Officer to join our team and help us navigate the complex landscape of healthcare regulations.
Position Summary: The Regulatory Compliance Officer will report to the Chief Information Officer (CIO) and Security Privacy Officer (SPO). This role is responsible for ensuring our organization's compliance with state and federal healthcare regulations. This involves supporting HITRUST, NCQA DAV, and other related work that assesses governance around privacy and security, quality, and integrity. Additionally, the role includes keeping the team informed of relevant policies, regulations, and debriefings, as well as representing the company in workgroups, conferences, and industry meetings. The ideal candidate will be a proactive advocate for our mission, capable of pulling the team into appropriate workgroups and leading advocacy efforts.
Key Responsibilities:
- Monitor and interpret state-specific and federal healthcare regulations, ensuring organizational compliance and staying ahead of market needs by understanding the regulations our customers are held accountable to (e.g., DMHC in California).
- Develop and maintain policies and procedures related to information security and privacy.
- Aid in regular risk assessments and audits to ensure compliance with security and privacy standards.
- Support HITRUST, NCQA DAV, and other related work that assesses governance around privacy and security, quality, and integrity.
- Collaborate with internal teams to support innovative approaches while maintaining regulatory compliance and ensuring the security and privacy of information systems.
- Provide guidance on integrating with state systems, including state HIEs, public registries, and other systems, in compliance with state regulations.
- Inform the team on consent management and levels of assurance (LOA) requirements and best practices.
- Provide regular debriefings on policy changes, security, and privacy implications for the organization.
- Represent the company in various workgroups, conferences, and industry meetings.
- Identify and engage with relevant workgroups and meetings to stay on top of governance, privacy, security, HIE/HIN services, etc.
- Advocate for the organization’s interests in policy discussions and regulatory forums.
- Build and maintain a network within the healthcare industry to stay informed of policy developments.
Qualifications:
- Bachelor's degree in healthcare administration, law, public policy, information security, or a related field. A Master's degree or Juris Doctor (JD) is preferred.
- Extensive experience in healthcare regulations, including HIPAA, HITECH, and other relevant laws.
- Proven experience in policy advocacy within the healthcare industry.
- Strong understanding of state-specific and federal healthcare regulations.
- Experience in developing and deploying information security and privacy policies and procedures.
- Excellent communication and interpersonal skills.
- Ability to collaborate effectively with cross-functional teams.
- Strong leadership and representation skills.
- Ability to stay informed of industry developments and regulatory changes.
Preferred Skills:
- Experience in health information exchange (HIE) and health information networks (HIN).
- Established network within the healthcare regulatory community.
- Experience providing debriefings and training on regulatory changes.
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), or Certified in Healthcare Privacy and Security (CHPS).
- Experience with state HIEs, public registries, consent management, and levels of assurance (LOA).