Director of Compliance & Risk Management

 POSITION SUMMARY 

The Director of Compliance & Risk Management serves as a strategic leader responsible for overseeing organizational compliance, quality, and risk mitigation efforts. Serving as both the Compliance Officer and HIPAA Privacy Officer of record, this position is responsible for monitoring the organization's program procedures, employees/agents to ensure compliance with appropriate state, federal and local regulations as they relate to compliance, billing, and documentation. 

The Director fosters a culture of accountability, safety, and continuous improvement, advancing Kelberman’s mission to provide high-quality, person-centered care. Keeping in alignment with pertinent regulatory bodies including but not limited to OMIG, OIG, OPWDD, SED, OCFS.

ESSENTIAL RESPONSIBILITIES

Role responsibilities include but are not limited to the following:

· Lead the development, implementation, and oversight of the agency’s Compliance and Risk Management programs.

· Serve as the agency’s Compliance Officer (OMIG/OIG) and Privacy Officer (HIPAA), ensuring alignment with all relevant regulatory bodies (OPWDD, DOH, SED, OCFS, CMS, DOH, etc.)

· Develop and maintain policies, procedures, and audit plans that promote regulatory compliance, data privacy, and ethical conduct.

· Conduct analysis to determine trends and generate appropriate reports. Compiles statistical data for executive team and Board of Directors, as requested.

· Support initiatives of the organization’s quality management plan including but not limited to data collection, performance improvement, and client satisfaction efforts.

· Manage incident reporting and investigations, including oversight of the 24/7 incident hotline and IRMA submissions.

· Communicates and applies regulatory updates/changes in a timely manner; keeps current through emails, conferences, websites, meetings, etc.; anticipates and plans for the implementation of pending and/or proposed rules.

· Works closely with IT to oversee the development, maintenance, and monitoring of electronic security systems and protocols.

· Keeps management informed on the operation and progress of the organizations’ Compliance, Quality and Incident Management efforts.

· Supervise responses to external audits and surveys; coordinate corrective actions as needed.

· Deliver compliance, risk, and HIPAA training to staff and leadership.

· Collaborate with HR on investigations involving staff conduct or regulatory concerns.

· Maintain readiness for OPWDD DQI surveys and support site accreditation initiatives.

· Cultivate relationships with regulatory agencies and peer organizations to remain current on evolving standards.

· Lead and contribute to internal committees and special projects aligned with compliance goals.