Compliance & Privacy Manager

Location: Winchester, MA
Job ID: 154150-1A
Date Posted: Apr 29, 2019

Job Description

Welcome To

Lahey Health Shared Services is part of a vibrant and growing health care system, recognized as a trailblazer in medicine and a standard bearer in patient experience. It includes an award-winning academic medical center, a superb constellation of community hospitals, home care services, rehabilitation facilities and more.

We are committed to attracting, developing and retaining top talent in a market long recognized and revered as a global leader in health. With a team approach to care, we encourage learning and growth at all levels, and we offer competitive salaries and benefits. We adhere to the principles of a just and fair work environment for all colleagues, where respect is foundational and performance is rewarded.

About the Job

Reporting directly to the Chief Compliance Officer and his or her designee, for Lahey Health System, the Compliance and  Privacy Manager is responsible for key administrative compliance and privacy function for the entity assigned to ensure compliance with federal, state and local government regulations (e.g., Privacy and Security, Conflict of Interest and Research) as well other compliance and privacy related matters.  The Compliance and Privacy Manager will provide leadership for their respective entity to ensure effective communication and collaboration among staff. Others may be appointed or designated to assist with these responsibilities from time to time as determined necessary and appropriate to sustain and enhance Lahey Health Systems Compliance and Privacy Program elements.  However, each Compliance and Privacy Manager is ultimately responsible for ensuring that their respective entity has an effective compliance and privacy program in place.

In this role, the Compliance and Privacy Manager is responsible for the development, implementation, and on-going refinement of strategies for an effective compliance, ethics and integrity and privacy program for the entity assigned.


Essential Duties & Responsibilities including but not limited to:

The Compliance and Privacy Manager is responsible for assisting the Vice President of Compliance and Privacy and the Director of Compliance and Privacy in promoting a culture of compliance and understanding and adherening to applicable federal, state and local rules and regulations, as well as Hospital policies as they relate to both compliance and privacy.

Essential Duties and Responsibilities include:

  • Works directly with the Vice President of Compliance and Privacy and Director of Compliance and Privacy to assure compliance with federal and state regulations, including privacy standards and regulations including HIPAA, HITECH and other state and federal laws, rules and regulations;
  • Responsible for planning, executing, and managing a variety of regulatory, investigative and educational based projects as an integral member of Lahey Health System’s compliance and privacy program
  • Responsible for leading compliance and privacy oversight at the entity , including investigations (including Fraud, Waste and Abuse) , preventative measures, corrective action plans, and directing compliance functions. Work closely with department staff, Legal Services, Internal Audit and other stakeholders to help identify risk areas, areas of exposure, and to work collaboratively to build compliance and privacy awareness into operations of the individual facility assigned;
  • Review, monitor and report ongoing compliance and risk management activities and reporting on progress being made, and/or corrective action or mitigation steps being taken when deficiencies are identified;
  • Update and provide necessary annual training, as well as other training determined necessary based on new policies, procedures or other initiatives;
  • Identify new and emerging areas of compliance and privacy risks and other risks relevant to their own compliance and privacy program;
  • Meet regularly and report on any known or suspected incident or breach in a timely manner to the Vice
  • President of Compliance and Privacy by following hospital policy and procedure;
  • Identify and share  new and /or improved compliance best practices with other Compliance Department members and organizational  staff, as appropriate;
  • Lead local compliance committee by organizing regular meetings and engaging committee members to participate in compliance program.
  • Discuss, plan and recommend to the Vice President of Compliance and Privacy coordinated compliance initiatives designed to address identified compliance  and/or other types of risks;
  • Engage staff and/or liaisons where appropriate to disseminate information, receive input based on experience, and respond to queries;
  • Coordinate and/or respond to requests from the Vice President of Compliance and Privacy, or their designee which may include review and investigation, audit requests, periodic surveys, serving on ad hoc committees, assisting with the annual Work Plan, education and training and other initiatives, etc.


  • Bachelor’s degree in related field (health care, business and law); Master’s or other advanced degree desired, but not required

Licensure, Certification & Registration:

  • Professional license (e.g., Nursing, Law), as well as other professional compliance designation such as Compliance and Privacy Professional certification


  • Five years  of healthcare, compliance and privacy related experience required
  • Five years of escalating responsibility and work-experience in compliance and/or privacy field (healthcare, law, internal audit) including progressive program and project management roles in large and complex organization

Skills, Knowledge & Abilities:

  • Significant compliance orientation, coupled with business process expertise
  • Demonstrated knowledge of current thinking and practice around the business of compliance
  • Knowledge of pertinent compliance and privacy regulatory requirements and compliance program elements
  • Ability to communicate, collaborate nad work effectively with senior leadership, as well as broad cross section of management/leadership/line staff from broad range of functional areas
  • Demonstrated high ethics and integrity

About Us

The Lahey Model of Care—right care, right time, right place—is exactly what patients, providers and payers need and deserve. Identifying and delivering on this convergence of interests has positioned Lahey Health for further growth. Our model ensures care is highly coordinated and locally delivered, with lower costs and exceptional quality.

Lahey Health is a robust, regional system including a teaching hospital, community hospitals, primary care providers, specialists, behavioral and home health services, skilled nursing and rehabilitation facilities, and senior care resources throughout northeastern Massachusetts and southern New Hampshire. The system has a global presence with programs in Canada, Jordan and Bermuda.

Equal Opportunity Employer/Minorities/Females/Disabled/Veterans.