THE POSITION

Company: Advanced Medical Management, Inc. (AMM)

Title: Director – Privacy

Location: Long Beach, CA

Reporting Lines: The Chief Compliance and Ethics Officer (the CCEO)

ABOUT AMM

AMM’s mission is to offer flexible administrative healthcare services that improve patient health, obtain profitability, maintain independence, and achieve 5-Star Quality. Our core values of Integrity, Collaboration, and Quality have driven our evolution from a physician practice management company to an Independent Physician Association (IPA) management company and fiscal intermediary administering and servicing a variety of commercial and government agency clients.

THE ROLE

As a member of AMM’s Compliance and Ethics team, the Director – Privacy fulfills a vital component of our mission. They are responsible for leading the Company’s Compliance & Ethics Program (the Program) privacy initiatives. Rigorous patient privacy protections are essential to fulfilling the expectations of AMM’s key stakeholders, including patients and their families and government agencies, and AMM is committed to exceeding those expectations. The Program is led by AMM’s CCEO, who reports to AMM’s Chief Executive Officer (CEO) and the AMM Board, and who oversees and manages the AMM Compliance Committee, consistent with industry best practices.

The Director – Privacy is expected to exemplify the Company’s culture and core values. This is a leadership role that requires sound and risk-aware judgment, productive collaboration across the Company, and demonstrated success in leading a team of in-house privacy professionals.

ESSENTIAL DUTIES & RESPONSIBILITIES

The following description provides an overview of primary responsibilities for this director position; it should not be interpreted as all-encompassing.

General Responsibilities

- Ensures that the CCEO is timely informed of all significant privacy developments.

- Works closely with the CCEO to facilitate the Program’s privacy initiatives.

- Undertakes to remain informed of relevant developments and trends in healthcare compliance and ethics by, among other things, attending seminars, reviewing professional

journals, and actively participating in professional organizations, and leverages that insight and knowledge to enhance the Program.

Privacy-Specific Responsibilities

- Leads the development of the Privacy Program, and is responsible for ensuring that the Privacy Program is properly structured and has sufficient resources with the requisite expertise and experience.

- Promotes Health Insurance Portability and Accountability Act of 1996 (HIPAA) awareness and compliance amongst the AMM Board, CEO, Executive Leadership Team, vendors, volunteers, and all Company employees through personal conduct and leadership.

- Serves as the Corporate Privacy Officer pursuant to the HIPAA Privacy Rule.

- Monitors the development and applicability of state data privacy and consumer protection laws and regulations.

- Ensures that the Privacy Program develops and maintains the key administrative, technical, and physical controls, elements, and functions set forth in applicable regulatory and enforcement agency guidance, including the standards enunciated by U.S. Department of Health and Human Services.

- Annually reviews and updates policies and procedures intended to protect patient health information to ensure compliance with changes in law or regulation.

- Develops and administers annual training and education on HIPAA, applicable state laws and regulations, and the Company’s related policies and procedures.

- Intentionally establishes a collaborative relationship with the Chief Information Officer (CIO), as well as Information Technology personnel, on matters including information security and the electronic medical record.

- In collaboration with the CIO, conducts an annual security risk assessment and presents the findings to the AMM Compliance Committee.

- Collaborates with the CIO to develop a business continuity plan and a disaster recovery service.

- As appropriate, collaborates with outside counsel to ensure the Company has and maintains appropriate privacy and confidentiality consent, authorization, and notice forms.

- Identifies areas of privacy vulnerabilities and risk areas and develops both preventive measures and corrective action plans and provides general guidance for how to avoid or handle similar situations in the future.

- Responsible for maintaining a system for tracking and enforcing Business Associate Agreements executed with vendors.

- Collaborates with the CIO to conduct table-top exercises to prepare the Company and its leaders in the event of a cybersecurity breach.

- Performs or oversees required routine breach assessments, documentation, and mitigation and reports observations and findings to the CCEO.

- In collaboration with the General Counsel, ensures that breach notification obligations are timely fulfilled.

- Interacts with government agency representatives, with the assistance of counsel if and as appropriate, in the event of a patient privacy-related inquiry, audit, or investigation.

EDUCATION & EXPERIENCE

- Five to ten years of relevant professional experience in healthcare with at least three years of experience in a leadership role. Strong preference for experience in healthcare privacy compliance at a large healthcare provider organization, health system, and/or payer.

- An undergraduate degree; preference for Juris Doctor from an accredited law school.

- Recommended top-tier healthcare privacy certification, such as Certified in Healthcare Privacy Compliance (CHPC) Certificate from the Health Care Compliance Association (HCCA) along with a fundamental understanding of regulatory framework and privacy practices.

- Demonstrated ability to work effectively with key internal and external stakeholders.

PROFESSIONAL PROFILE

Key Leadership and Management Skills

- A strategic mindset with a focus on creating value by exceeding stakeholder expectations.

- The professional judgment to know when a matter should be escalated to the CCEO.

- A demonstrated ability to cultivate highly productive working relationships with senior leaders, peers, and government agencies.

- An ability to operate successfully in a flat culture, with the courage and competence to engage on multiple fronts and tackle challenges head-on.

- An ability to prioritize effectively, and exercise sound judgment, in a fast-paced, physician-driven environment.

- A successful track record of advocating for a position while remaining receptive to the views of others, with the intellectual flexibility to craft alternate paths and solutions.

Personal Characteristics

- Exemplary integrity with courage and an unwavering ethical compass.

- Pragmatic, risk-aware professional judgment.

- An ability to analyze complex matters and situations three-dimensionally, while distilling relevant information and identifying viable paths forward.

- Demonstrated tact, trustworthiness, and diplomacy skills needed to manage sensitive and confidential information such as protected health information.

- An adept listener with a sense of humility

- An approachable, empathetic professional with the capability of understanding different values across a wide range of perspectives.

AAP/EEO Statement

It is the policy of Advanced Medical Management to provide equal opportunity for all applicants and employees. The Company does not unlawfully discriminate on the basis of race, creed, color, religion, sex sexual orientation, gender, gender identity, national origin, ancestry, age, medical condition or genetic characteristic, physical or mental disability, family care or medical leave status, military status, pregnancy, marital or domestic partner status, veteran status, or any other status protected by state or federal law.

Job Type: Full-time

Pay: $120,000.00 - $150,000.00 per year

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee assistance program
• Health insurance
• Life insurance
• Paid time off
• Vision insurance

Schedule:

• 8 hour shift
• Monday to Friday

Ability to Commute:

• Long Beach, CA 90815 (Required)

Work Location: Hybrid remote in Long Beach, CA 90815