Compliance Manager - Detection and Privacy

Join us for an exciting career with the leading provider of supplemental benefits!

Our Promise
Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

The Avēsis Privacy Office is a part of the Compliance Department. The position reports to the Senior Director of Compliance-Detection & Privacy Officer and supports the Privacy Office and Compliance Team. Our chosen candidate will be primarily responsible for privacy program administration and supporting the compliance monitoring and testing function, as necessary. The Compliance Manager will assure compliance with applicable federal and state privacy/security-related laws and regulations; respond to privacy and/or security incidents including, conducting, or coordinating investigations, conducting risk assessments, monitoring activities, assisting with privacy/security awareness education and training, and supporting the compliance team, as necessary. This role requires collaboration with internal and external stakeholders at all levels of the organization; and therefore, candidates must demonstrate skillful communication, flexibility, and project management skills.

Essential Functions:

• Assist with privacy-related policy and procedure maintenance as per the business need

• Accurately Administer and maintain the Incident Management System

• Manage privacy & security events monthly, quarterly, and annually or as required by the business:

  • Log & track events

  • Conduct HIPAA risk assessments

  • Coordinate member and client notifications and third-party reporting

  • Assist with response efforts and management reporting

• Accurately Maintain member/client/third-party notification and reporting requirements

• Timely maintain and coordinate the distribution of required Privacy Notices

• Participate in and execute the HIPAA gap analysis and/or risk assessment process as per schedule

• Partner with the Information Security Office to coordinate efforts between privacy and security

• Respond timely to privacy and security-related questions, RFPs, RFIs, audit requests, and provide related guidance

• Accurately review and maintain Business Associate Agreements and other privacy-related forms and templates

• Synthesize privacy-related management reporting (i.e., incidents, breaches, issues/concerns, regulatory changes, recommendations, and corrective action plans)

• Develop and deliver written and oral compliance communications, i.e., reports and presentations in a timely manner

• Receive and facilitate the resolution of Privacy/Security complaints in a timely manner

• Support the compliance monitoring and testing (M&T) function i.e., assist in executing the Compliance M&T Workplan, as necessary.

• Travel as necessary (up to 10%)

Core Competencies

• Collegiality: building strong relationships on company-wide, approachable, and helpful, ability to mentor and support team growth.

• Initiative: readiness to lead or take action to achieve goals.

• Communicative: ability to relay issues, concepts, and ideas to others easily orally and in writing.

• Member-focused: going above and beyond to make our members feel seen, valued and appreciated.

• Detail oriented and thorough: managing and completing details of assignments without too much oversight.

• Flexible and responsive: managing new demands, changes, and situations.

• Critical Thinking: effectively troubleshoot complex issues, problem solve and multi-task.

• Integrity & responsibility: acting with a clear sense ownership for actions, decisions and to keep information confidential when required.

• Collaborative: ability to represent your own interests while being fair to those representing other or competing ideas in search of a workable solution for all parties.

Minimum Qualifications

• Bachelor’s degree or equivalent education and work experience
• 3+ years of experience in administrating and executing regulatory compliance or privacy office in a highly regulated industry, i.e., preferably in insurance, government, healthcare, or managed care environment
• 2+ years of experience in the benefit administration or insurance industry, i.e., medical, dental, vision, or hearing
• Intermediate proficiency with MS Word, Excel, and PowerPoint
• Data or information technology savvy
• A love for problem-solving, practical solutions, and making sense of sophisticated, ambiguous situations
• As this role is a remote role, you are required to maintain internet service that allows you to complete your essential job duties without issue. Rates of 50 Mbps download and 10 Mbps upload while hardwired and not on a VPN are sufficient.

Preferred Qualifications:

• Proficient knowledge and application of Federal & State privacy regulations, i.e., HIPAA Privacy & Security Rules, California Consumer Privacy Act (CCPA), CIMA, IIPPA, and other regulations such as ERISA and ACA.
• Understand how to identify and assess risk factors in organizational processes
• Conduct audits to assess compliance with laws, regulations, and internal policies
• Ability to investigate potential compliance concerns, determine the root cause, and recommend appropriate corrective action
• Effectively communicate findings, risks, and concerns and report them in a simplistic, clear, and concise manner both verbally and written.
• Ability to analyze data, create exception reports, automate audits and/or create management reports.
• Proficient use of various technology resources, i.e., Visio, Business Objects.

FLSA Status: Salary/Exempt

Salary Range: $74,260 - $116,200

How to stay safe:

Avesis is aware of fraudulent activity by individuals falsely representing themselves as Avesis recruiters. In some instances, these individuals may even contact applicants with a job offer letter, ask applicants to make purchases  (i.e., a laptop or gift cards) from a designated vendor, have applicants fill out W-2 forms, or ask that applicants ship or send packages of goods to the company.

Avesis would never make such requests to applicants at any time throughout our job application process. We also would never ask applicants for personal information, such as passport numbers, bank account numbers, or social security numbers, during process. Our recruitment process takes place by phone and via trusted business communication platform (i.e., Zoom, Webex, Microsoft Teams, etc.). Any emails from Avesis recruiters will come from a verified email address ending in @Avesis.com.

We urge all applicants to exercise caution. If something feels off about your interactions, we encourage you to suspend or cease communications. If you are unsure of the legitimacy of a communication you have received, please reach out to ITsupport@Avesis.com.

To learn more about protecting yourself from fraudulent activity, please refer to this article link (https://consumer.ftc.gov/articles/how-avoid-scam).  If you believe you were a victim of fraudulent activity, please contact your local authorities or file a complaint (Link: https://reportfraud.ftc.gov/#/) with the Federal Trade Commission. Avesis is not responsible for any claims, losses, damages, or expenses resulting from unaffiliated individuals of the company or their fraudulent activity.

#LI-CB1

We Offer

• Meaningful and challenging work opportunities to accelerate innovation in a secure and compliant way.
• Competitive compensation package.
• Excellent medical, dental, supplemental health, life and vision coverage for you and your dependents with no wait period.
• Life and disability insurance.
• A great 401(k) with company match.
• Tuition assistance, paid parental leave and backup family care.
• Dynamic, modern work environments that promote collaboration and creativity to develop and empower talent.
• Flexible time off, dress code, and work location policies to balance your work and life in the ways that suit you best.
• Employee Resource Groups that advocate for inclusion and diversity in all that we do.
• Social responsibility in all aspects of our work. We volunteer within our local communities, create educational alliances with colleges, drive a variety of initiatives in sustainability.

Equal Employment Opportunity

At Avēsis, We See You.  We celebrate differences and are building a culture of inclusivity and diversity. We are proud to be an Equal Employment Opportunity employer that considers all qualified applicants and does not discriminate against any person based on ancestry, age, citizenship, color, creed, disability, familial status, gender, gender expression, gender identity, marital status, military or veteran status, national origin, race, religion, sexual orientation, or any other characteristic.  At Avēsis, we believe that, to operate at the peak of excellence, our workforce needs to represent a rich mixture of diverse people, all focused on providing a world-class experience for our clients.  We focus on recruiting, training and retaining those individuals that share similar goals.  Come Dare to be Different at Avēsis, where We See You!