Senior Manager, Healthcare Privacy and Compliance

Minimum 5 years of experience leading healthcare data compliance initiatives with cross-functional stakeholders. Deep understanding of implementing and assessing controls in complex environments. Strong knowledge of HIPAA, HITRUST, SOC2, and other relevant regulatory standards. Strong written and verbal communication skills. Strong analytical, problem-solving, and communication skills. Exceptional attention to detail and commitment to ethical standards. Ability to collaborate and coordinate effectively with cross-functional teams. Communicate compliance requirements clearly. Diverse security and IT background (policy, IT service management, networking, infrastructure, application development, information security standards). Self-motivated with ability to work with minimal supervision.

Lead the development, implementation, and improvement of the healthcare privacy and compliance program. Ensure operations meet regulatory, governance, and client standards (HIPAA, HITRUST, SOC2, Medicare/Medicaid). Identify and mitigate compliance risks enterprise-wide. Foster a culture of accountability, data security, and ethical practices. Collaborate with leadership, business units, IT, security, internal departments, and external stakeholders. Promote compliance awareness and provide training. Develop, update, and enforce policies and procedures. Oversee and improve the auditing program, driving corrective actions. Serve as a trusted advisor on certifications, regulatory requirements, and best practices. Chair and manage the compliance committee. Monitor, assess, and document compliance risks, maintaining a risk register. Coordinate with internal teams to develop and execute risk mitigation plans. Develop and execute an incident response plan for compliance breaches. Design and deliver training programs for employees and contractors. Maintain accurate compliance records, reports, and documentation. Establish and track performance measures for compliance initiatives. Collaborate on business continuity planning aligned with compliance requirements. Lead security risk assessments for clients.