What are the responsibilities and job description for the Privacy & Compliance Manager position at Madison Approach Staffing Inc?
Job Type: Direct Hire (Full-time, Regular)
Salary: $108,312 annually
Location: Ossining, NY | On-site
Schedule: Monday-Thursday, 8:00am-5:15pm OR Monday-Friday, 8:30am-4:00pm
Job Overview
Madison Approach Staffing is recruiting for a Privacy & Compliance Manager for our client, an international mission-based nonprofit organization. This role serves as the organization's Compliance Officer and Privacy Officer, reporting to the Chief Operations Officer and General Counsel. The Manager is responsible for developing, implementing, and overseeing the organization's comprehensive compliance and privacy program across international and national programs to ensure compliance with GDPR, HIPAA, applicable State regulations, and the OIG Seven Elements of an Effective Compliance Program. This position serves as the primary point of contact for all compliance and privacy matters, including patient rights, workforce training, policy enforcement, breach response, investigations, and internal auditing. The ideal candidate brings deep expertise in healthcare privacy and compliance, strong knowledge of GDPR and HIPAA regulations, and the ability to lead compliance programs across multiple locations.
Key Responsibilities
Privacy & Compliance Program Leadership
- Develop, implement, and oversee comprehensive compliance and privacy program across multiple locations including international and national programs
- Ensure compliance with GDPR, HIPAA Privacy Rule (45 CFR Parts 160 & 164), Title 10 NYCRR, NY SHIELD Act, and OIG Seven Elements of an Effective Compliance Program
- Safeguard confidentiality, integrity, and availability of protected health information (PHI) and regulated health information
- Function as independent and objective body that reviews and evaluates compliance and privacy issues/concerns within organization
- Serve as primary point of contact for all compliance and privacy related matters
- Develop and maintain facility's Notice of Privacy Practices, policies, and procedures
- Ensure leadership, members in administrative roles, and employees comply with global, federal, and state rules
- Deliver workforce training on privacy, HIPAA, GDPR, and compliance requirements
- Foster culture of confidentiality and compliance throughout organization
- Ensure organizational behavior meets Code of Conduct standards
- Lead breach response activities and regulatory reporting
- Conduct compliance and privacy investigations
- Manage patient rights requests and privacy-related inquiries
- Coordinate incident response and corrective action planning
- Oversee all internal audit and administrative functions related to compliance and privacy program
- Conduct internal auditing and monitoring activities
- Ensure PHI is used and disclosed in accordance with global, federal, and state regulations
- Prepare compliance reports and analytics for leadership review
Qualifications
- Experience: 5-7 years of healthcare privacy or compliance experience, preferably in a long-term care or healthcare setting
- Education: Bachelor's degree in Health Administration, Legal Studies, Compliance, or related field; Master's or JD preferred
- Regulatory Expertise: In-depth knowledge of OIG Seven Elements, GDPR, HIPAA Privacy Rule, and State privacy laws
- PHI Knowledge: Expertise in PHI lifecycle and permissible disclosures
- Certifications: Certified in Healthcare Compliance (CHC) and/or Certified in Healthcare Privacy Compliance (CHPC), or ability to become certified within first six months of hire
- Analytical Skills: Strong analytical, communication, and problem-solving abilities
- Breach Response: Skilled in breach response and regulatory reporting
- Policy Development: Strong training and policy development capabilities
- Regulatory Interpretation: Ability to interpret and apply complex regulations
- Confidentiality: Ability to maintain confidentiality and exercise sound judgment
- Microsoft Office: Proficiency in MS Office including advanced Excel skills for data tracking, analysis, and reporting
- ERP Systems: Familiarity with enterprise resource planning systems and document/workflow management platforms (e.g., Microsoft SharePoint); ability to assess data flows and access to sensitive information
- EHR/EMR: Experience with electronic health record systems and understanding of how PHI is created, maintained, and accessed
- Tracking Systems: Familiarity with compliance, audit, or incident tracking systems (a plus)
Preferred Qualifications
- Master's degree or JD
- International/multi-country compliance experience
- GDPR implementation experience
- Long-term care facility experience
- Nonprofit or mission-based organization experience
- Experience with multi-location compliance oversight
- Spanish language skills