Job Details

Director, Chief Compliance & Privacy Officer - San Ysidro/Corporate

Job Description

Posted Thursday, August 28, 2025 at 10:00 AM

Position Summary:

The Chief Compliance Officer is responsible for establishing San Ysidro Health Center's Corporate Compliance Program. The Chief Compliance Officer will oversee all activities related to the development, implementation and maintenance of the program. The Chief Compliance Officer will ensure that the program achieves high standards through documented processes and procedures intended to ensure that the organization obtains and remains in compliance with all regulatory entities and requirements. The Chief Compliance Officer will be effective and efficient in identifying, preventing, detecting and correcting noncompliance issues within the organization. This position will report to the Executive Vice President of Operations.

Essential Functions of the Job:

• Ensures all employees are in compliance with the rules and regulations of regulatory agencies, organizational policies and procedures and that behavior in the organization meets San Ysidro Health Center's ethical standards
• Develops, initiates, maintains and revises policies and procedures for the general operation of the Compliance Program and its related activities to prevent illegal, unethical, or improper conduct
• Acts as the principal point of contact when responding to government investigations and queries in regard to compliance activities. Inform the CEO, Executive VP of Operations and the Board Compliance Committee of any important issues.
• Oversees the implementation and maintenance of the organization's HIPAA compliance program in accordance with the Health Insurance Portability and Accountability Act of 1996.
• Oversees compliance adherence for a variety of organizational programs, including PACE, HRSA, 340B Pharmacy, and others.
• Works with the appropriate departments and programs to ensure licensing and certification requirements are kept up to date.
• Performs ongoing compliance monitoring activities, including periodical reviews of departments.
• Conducts annual risk assessments to measure potential vulnerability and risk for all areas of the organization. Develops/implements corrective action plans for resolution of problematic issues resulting from the risk assessment and provides general guidance on how to avoid or resolve similar situations in the future.
• Develop a remediation plan to address any non-compliance areas and works with the appropriate departments to remediate issues.
• Ensures that the organization has and maintains appropriate privacy and confidentiality consent and authorization forms, information notices and materials reflecting current organization and legal practices and requirements.
• Oversee, direct, deliver, and/or ensure delivery of compliance training and orientation to all employees, volunteers, medical and professional staff and applicable business associates.
• Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements to ensure that all privacy concerns, requirements and responsibilities are addressed.
• Establishes and maintains a mechanism to track access to protected health information, within the purview of the organization and as required by law to allow qualified individuals to review or receive a report on such activity.
• Oversee and ensure the rights of the organization's patients to inspect, amend and restrict access to protected health information, when appropriate.
• Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the practice/organization's compliance policies and procedures in coordination and collaboration with other similar functions and, when necessary, legal counsel.
• Ensures compliance with privacy practices and consistent application of sanctions for failure to comply with privacy policies for all individuals in the practice/organization's workforce, extended workforce, and for all business associates, in cooperation with his/her immediate supervisor, Human Resources, and legal counsel, as applicable.
• Initiates, facilitates and promotes activities to foster compliance program(s) awareness within the organization and related entities.
• Serves as a member of, or liaison to, the organization's Policy Committee. Also serves as the information privacy liaison for users of clinical and administrative systems.
• Reviews all system-related information security plans throughout the organization's network to ensure alignment between security and privacy practices as required by Federal, State and County regulations. Acts as a liaison to the IT department, as necessary.
• Works with all organization personnel involved with any aspect of release of protected health information, to ensure full coordination and cooperation under the organization's policies and procedures and legal requirements
• Maintains current knowledge of applicable federal, state and county compliance laws and accreditation standards, and monitors advancements in information privacy technologies to ensure organizational adaptation and compliance.
• Cooperates with the U.S. Department of Health and Human Service's Office of Civil Rights, other legal entities, and organizations or officers in any compliance reviews or investigations.
• Establishes an internal audit program, working with the appropriate departments to perform coding, credentialing and billing audits.
• Coordinates external audit processes of business partners and drives specific audit preparation activities for HRSA audit and other audits as assigned.
• Periodically revises the compliance program and related documentation in light of changes in law, regulatory or company policy, and the ongoing quality improvements of the program.
• Maintains a clean, safe, and organized work area at all times
• Adheres to and promotes all applicable SYH policies, protocols, procedures, and processes

Additional Duties and Responsibilities :

• Demonstrated skills in collaboration, teamwork, and problem-solving to achieve goals
• Demonstrated skills in verbal communication and listening
• Demonstrated skills in providing excellent service to customers
• Excellent writing skills
• A high level of integrity and trust
• In-depth knowledge of HIPAA and HITECH regulations, state and federal guidelines on privacy, transactions and security
• Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy
• Health care legal, operational, and or financial skills
• Performs other duties as assigned.

Job Requirements

Experience Required:

• Seven (7) years of experience in a compliance leadership role in a healthcare setting .
• In-depth working knowledge of current HIPAA Privacy regulations and other pertinent and applicable Federal and California state regulations related to protected health information and provisions of healthcare services is required, along with experience implementing such regulations.
• Experience in identifying compliance training needs and developing, designing and facilitating compliance training.
• Extensive experience in conducting and oversight of investigations. Team development experience.
• Experience deploying a compliance p rogram in an organization .
• Experience Preferred: Direct work experience in a project management capacity, including all aspects of process development and execution.

Education Required:

• Bachelor's Degree; Preferred MHA or MBA or other relevant graduate degree.

Certifications Required:

• HIPAA Professional certification (CHC, CPCO) within 1 year of employment.

Verbal and Written Skills Required to Perform the Job:

• Effective oral and written communication skills, excellent spelling and grammar and the ability to follow written and oral instructions.
• Attention to detail when composing typing and proofing materials.
• Ability to communicate effectively and work collaboratively on items of critical importance for managing employees and establishing rapport with employees and stakeholders.
• Must have a professional & personable demeanor to maintai n excellent working relationships in a fast-paced work environment.
• Must have strong organizational skills that reflect ability to perform and prioritize multiple tasks seamlessly with excellent attention to detail.
• The ability to problem solve and identify both opportunities and potential challenges/roadblocks.
• Ability to work harmoniously with many different personalities and maintain confidentiality and discretion and deal effectively and tactfully with staff, patients, Board Members, Stakeholders and the public.

Technical Knowledge and Skills Required to Perform the Job:

• Extensive knowledge of computer software (EPIC, Windows, Microsoft Office, Excel, Word, Power Point and other applicable technologies).

Equipment Used:

• Personal Computer, printer/fax, telephone, and other general office equipment.

Working Conditions and Physical Requirements:

• Sitting, Standing, Walking, Lifting, and Noisy.
• Sitting for extended periods of time.
• Flexibility in schedule to meet project deadlines.
• Sufficient dexterity to effectively operate a computer keyboard and other related peripherals.
• May be required to work evenings and/or weekends and attend meetings outside of regular working hours.
• Travel may be required.

Universal Requirements:

Pre-employment requirements include I-9, physical, positive background and reference check results, complete application, new hire orientation, pre-employment PPDs. Compliance with all mandated vaccinations and all boosters is a term and condition of employment.

About Us San Ysidro Health is a Federally Qualified Health Care organization committed to providing high quality, compassionate, accessible and affordable healthcare services for the entire family. The organization was founded by seven women in search of medical services for their families and community. Almost 50 years later, San Ysidro Health now provides innovative care to over 108,000 patients through a vast and integrated network of 47 program sites across the county. San Ysidro Health could not serve our patients without the dedication of our passionate and hardworking employees. Apply today and become a part of our mission-driven team! San Ysidro Health has a long-standing commitment to equal employment opportunity for all applicants for employment. Employment decisions including, but not limited to, those such as employee selection, performance evaluation, administration of benefits, working conditions, employee programs, transfers, position changes, training, disciplinary action, compensation, and separations are made without regard to race, color, religion (including religious dress and grooming), creed, national origin, nationality, citizenship status, domestic partnership status, ancestry, gender, affectional or sexual orientation, gender identity or expression, marital status, civil union status, family status, age, mental or physical disability (including AIDS or HIV-related status), atypical heredity cellular or blood trait of an individual, genetic information or refusal to submit to a genetic test or make available the results of a genetic test, military status, veteran status, or any other characteristic protected by applicable federal, state, or local laws.