Serves as Vice President of Audit/Compliance Services, Chief Compliance & Privacy Officer for the Sparrow Health System. Independently evaluates and recommends improvements to the existing and proposed systems and/or internal controls of Sparrow Health System. Leads the planning, design, implementation, and monitoring of a system-wide corporate compliance plan and internal audit process. Promotes an awareness and understanding of ethical, moral, and legal principles consistent with the mission and vision of Sparrow Health System.
The Sparrow Health System Chief Privacy Officer (CPO) oversees all activities governing the development, implementation and maintenance of policies and procedures affecting the privacy of and access to protected health information (PHI) and patients’ rights related to the uses and disclosures of their personal PHI. The CPO further develops, implements and maintains routine monitoring methodologies, which gauge adherence to those privacy policies and procedures and facilitates their enforcement in compliance with federal and state laws, accreditation standards and the Health System’s own information privacy practices.
This job description is intended to cover the minimum essential duties assigned on a regular basis. Caregiver may be asked to perform additional duties as assigned by their leader. Leadership has the right to alter or modify the duties of the position.
Assess risk and exposures throughout the Health System and develop an annual plan of areas for potential audit & compliance review which will be approved by the CEO and the Audit Committee of the Board of Directors. Report on status of annual plan completion to the CEO and the Audit Committee on a periodic basis.
Oversee a process for the conducting and/or reviewing, monitoring and approving of scheduled internal and compliance audits. Evaluate existing compliance, financial, operational, information systems internal controls and policies and procedures and recommend improvements.
Ensure that Sparrow has policies in place to address compliance issues, by ensuring that appropriate departments are addressing compliance through detailed policies and/or procedures that they are continually updated for regulatory changes.Oversee Sparrow's Corporate Compliance/Internal Audit Department and assist the Department of Health and Human Services, other legal entities and organizational officers in any external compliance reviews or investigations.
Oversee the development of compliance training, and ensure that detailed training regarding applicable rules and regulations is provided to all applicable Caregivers.
Maintain ongoing contact with the external audit firms, establishing an awareness and understanding of each audit and process, and arranging opportunities for involvement or assistance. Ensure management responds to all audit and compliance reports (both internal and external), including timetables. Follow up and report on appropriate resolution of weaknesses and implementation of corrective action/process improvement.
Establish a uniform method for Caregivers to raise questions (hotline process) and report areas of potential non-compliance. Review and respond to all inquires, utilizing the expertise of legal counsel.
Monitor and report all significant compliance and audit issues to the CEO and Finance & Audit Committee on a quarterly basis.
Oversee the Compliance auditing function which is designed to promote the accuracy and integrity of hospital billing by identifying deficiencies, and making recommendations to improve charge capture, medical record documentation and billing systems. Oversee the process for making repayments to federal and state agencies.
Chairs the SHS Compliance & Ethics Committee and serves on other executive level committees and task forces as requested, i.e., Presidents Council, Sparrow Specialty Hospital Board, SHS Grievance Experieince Committee, SHS Finance & Audit Committee, and the PHP Quality Committee.
PRIVACY PROGRAM COMPLIANCE:
The CPO represents the Health System’s information privacy practices by working with external parties, including state and local governments, which undertake the adoption or amendment of privacy legislation, regulations or standards.
Implement and maintain Sparrow Health System's Privacy Program in accordance with federal and state regulations and accreditation standards. Maintain efficient, effective, and cost-sensitive operations in a manner consistent with the Sparrow mission.
Coordinate the development, implementation and routine maintenance of all Privacy Program documentation, including but not limited to consents, authorization forms, notifications of privacy practices, patients’ rights and required administrative policies and procedures.
Establish and administer a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization’s privacy policies and procedures in collaboration with other similar functions and, when necessary, legal counsel.
Administer compliance with privacy practices and the consistent application of sanctions for failure to comply with privacy policies by members of the organization’s workforce, extended workforce and business associates in cooperation with the Human Resources Department, Data Security Administration, Administration, and legal counsel, as applicable.
Establish a mechanism to track and report historical access to PHI and a procedure, which enables qualified individuals to review or receive a report of access activity.
Oversee activities related to the rights of patients to inspect and amend PHI, as well as restrict the uses and disclosures of PHI.
Collaborate with the Chief Information Security Officer to align all system-related privacy plans and practices with security plans and practices throughout the Health System.
Work with administration, legal counsel and other related parties to represent the organization’s information privacy practices and interests to external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulations, or standards.
Serves as organizational contact for complaints as stipulated by the Health Insurance Portability and Accountability Act (HIPAA) and cooperates with the Office of Civil Rights, other legal entities and officers of the organization in compliance reviews or investigations
* Engage in routine analysis of Health System privacy related policies and procedures to gauge their continuing adequacy when compared to legal requirements and accreditation standards.
* Oversee in the development, implementation, and maintenance of a compliance monitoring methodology related to 3rd party vendors and business associate agreements, to determine that privacy requirements and responsibilities are addressed.
* Perform initial and periodic information privacy risk assessments.
* Conduct compliance monitoring and reporting activities in coordination with the Health System’s Corporate Compliance Program.
PRIVACY EDUCATION AND TRAINING:
* Oversee the development and implementation of privacy training and orientation programs for all Caregivers, volunteers, medical and professional staff, contractors, alliances, business associates and other third parties, as appropriate.
* Initiate, facilitate and promote activities to foster information privacy awareness within the organization and related entities.
*Certified as Public Accountant, Internal Auditor, or similar certification preferred
*Minimum of seven years of experience in a Health Care auditing position *Minimum of three years in a related Management/Director position *Experience with Corporate Compliance Plans preferred
*Masters in Health Administration, Business Administration or related field
Specialized Knowledge and Skills
*Working knowledge of laws and regulations imposed on healthcare systems by various agencies, particularly Medicare and billing regulations. *Experience with Management Information Systems audits and related internal controls. *Skills in written and verbal communications. *Proficiency with spreadsheets, word processing, and audit software. *Demonstrates ability to use a keyboard as will be required to perform the essential duties of the position.
Sparrow Health System is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.