Director, Compliance & Privacy

Date: Jul 22, 2021

Location: Rancho Cucamonga, CA, US

Company: Inland Empire Health Plans

Job Requisition ID: 5314 


Position Summary/Position


At the direction of the VP/Chief Compliance Officer, the Director, Compliance & Privacy oversees IEHP’s Compliance, Privacy, and Fraud, Waste and Abuse programs, and is accountable for a broad range of critical corporate compliance activities, including ongoing development of the current program, risk assessment and response, compliance education, audits and investigations, maintaining the Compliance Plan, preparing reports for the Compliance Committee and Board of Directors, and collaborating with internal business partners and external individuals, vendors and contractors. 

The Director, Compliance & Privacy serves as IEHP’s designated Privacy Officer as required under HIPAA. The Director is responsible for the organization's Privacy Program including but not limited to daily operations of the program; development, implementation, and maintenance of policies and procedures; monitoring program compliance; investigation, tracking and reporting of incidents and breaches, and ensuring patients' rights in compliance with federal and state laws and IEHP’s information privacy practices. The Director, Compliance & Privacy may act as the Compliance Officer in the absence of the VP/Chief Compliance Officer.

Major Functions (Duties and Responsibilities)


1. Oversees Compliance Audit and Oversight and Special Investigation Unit managers and teams by providing leadership, assistance, training, feedback, and motivation necessary to mentor and develop staff.
2. Performs an annual, enterprise-wide risk assessment and develops an audit work plan for compliance and operational audits to ensure proper control systems are in place for key risk areas.
3. Leads IEHP’s audit program. Continually monitors and improves internal and external audit and monitoring processes to ensure that the organization, as well as vendors, are compliant with applicable laws and regulations. 
4. Manages the planning, scheduling and implementation of procedural changes required for meeting organizational Compliance Program Effectiveness. 
5. Develops and implements educational programs designed to promote awareness and understanding of the compliance program, IEHP policies, and key laws and regulations relevant to IEHP.
6. Responds to alleged violation of IEHP’s Code of Conduct, policies, procedures, and state or federal laws or regulations by conducting or guiding investigations when appropriate, ensuring the implementation of corrective actions.
7. Provide quarterly and annual reporting as required by the Compliance Committee and Board of Directors regarding compliance program activities.
8. Oversees the development and implementation of the Annual Compliance Work Plan and monitors adherence to policies, procedures, regulations, contractual requirements through the Work Plan key indicators.  
9. Conducts independent investigations on issues of non-compliance and reports findings and mitigation strategies to the CEO, Executive Team and/or IEHP Governing Board as deemed appropriate by the VP/Chief Compliance Officer.
10. Builds a strategic and comprehensive Privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI), paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up-to-date.
11. Works with organization senior management, security, and VP/Chief Compliance Officer to establish governance for the Privacy Program.
12. Serves in a leadership role for Privacy compliance.
13. Collaborates with the information security officer to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department.
14. Establishes, with the information security officer, an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.
15. Performs or oversees initial and periodic information Privacy risk assessment/analysis, mitigation and remediation.
16. Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.
17. Takes a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.

Supervisory Responsibilities

Leader: Administers Hires, Terminations, and Performance Reviews

Experience Qualifications


A minimum of ten (10) years of experience in healthcare, with at least five (5) years in a progressive leadership role in Compliance within a health care setting. Must have demonstrated knowledge of HIPAA and experience with applying those regulations into a compliance framework.

Preferred Experience

Education Qualifications


Bachelor’s degree in a related field from an accredited institution required.

Preferred Education


Master’s degree from an accredited institution preferred.
Juris Doctorate from an accredited institution preferred.

Professional Certification


Certified in Healthcare Compliance (CHC) preferred. 

Professional Licenses

Drivers License Required

Yes, must have a valid California Driver's license and valid automobile insurance. Must qualify and maintain driving record to drive company vehicles based on IEHP insurance standards of no more than three (3) points.

Knowledge Requirement

Skills Requirement


Strong analytical skills with emphasis on time management, financial analysis, project management and problem solving. Exhibits exemplary oral and written communication skills. This includes the ability to share information in an organized, clear and timely manner, both verbally and in writing, keeping peers, colleagues, staff, board members and committee members appropriately informed. Keeps multiple audiences informed, including the ability to exercise discretion in communications with varied stakeholders, to ensure that information is provided appropriately and confidentially, as warranted.

Abilities Requirement

Commitment to Team Culture


The IEHP Team environment requires a Team Member to participate in the IEHP Team Culture. A Team Member demonstrates support of the Culture by developing professional and effective working relationships that include elements of respect and cooperation with Team Members, Members and associates outside of our organization.

Working Conditions


Major Functions (Duties and Responsibilities) Continued:

18. Participates in the development, implementation, and ongoing compliance monitoring of all business associates and Business Associate Agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
19. Manages all required breach determination and notification processes under HIPAA and applicable State breach rules and requirements.
20. Establishes and administers a process for investigating and acting on privacy and security complaints.
21. Performs required breach risk assessment, documentation, and mitigation. Works with Human Resources to ensure consistent application of sanctions for privacy violations.
22. Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.
23. Cooperates with the U.S. Department of Health and Human Service's Office for Civil Rights, State regulators and/or other legal entities in any compliance reviews or investigations.
24. Serves as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.



Working Conditions:

Word processing involving computer keyboard and screens, automobile travel within the Inland Empire. 

Physical Requirements

Keyboarding: Traditional - FREQUENTLY
Keyboarding: Touch-Screen - FREQUENTLY
Keyboarding: 10-Key - FREQUENTLY
Hearing: One-on-One - FREQUENTLY
Near Visual Acuity - FREQUENTLY
Communicate: Information/ideas verbally - FREQUENTLY
Regular contacts: co-workers, supervisor - FREQUENTLY
Understand and follow direction - FREQUENTLY
Regular and reliable attendance - CONSTANTLY


Starting Salary: $144,976.00  - $184,849.60  

Pay rate will commensurate with experience


Inland Empire Health Plan (IEHP) is the largest not-for-profit Medi-Cal and Medicare health plan in the Inland Empire. We are also one of the largest employers in the region. With a provider network of more than 6,000 and a team of more than 2,000 employees, IEHP provides quality, accessible healthcare services to more than 1.2 million members. And our mission and core values help guide us in the development of innovative programs and the creation of an award winning workplace. As the healthcare landscape is transformed, we’re ready to make a difference today and in the years to come. Join our Team and Make a Difference with us! IEHP offers a Competitive salary and a benefit package with a value estimated at 35% of the annual salary, including medical, dental, vision, team bonus, and retirement plan.


Nearest Major Market: Riverside
Nearest Secondary Market: Los Angeles