System Chief Compliance Officer

Job Duties & Responsibilities

Strategic Compliance Leadership

• Develop and lead an enterprise-wide risk-based compliance strategy that ensures adherence to all relevant laws and regulatory requirements and supports the organization's mission and strategic priorities.
• Continuously enhance a long-term compliance framework aligned with institutional goals and regulatory expectations.
• Provide regular updates to the General Counsel, executive leadership, and Board committees on compliance program operations, compliance matters, trends, organizational risks, investigations, and risk mitigation strategies.
• Promote an organizational culture that fosters ethical decision-making, transparency, and compliance accountability at all levels.
• Provide oversight of Compliance Department employees including regular review of employee performance.
• Serve as an executive leader responsible for the Audit, Compliance and Risk committee to the Board.
   

Regulatory Oversight and Risk Mitigation

• Ensure ongoing compliance with federal and state healthcare laws and regulations, including HIPAA, Medicare and Medicaid requirements, Stark Law, Anti-Kickback Statute, EMTALA, and state-specific requirements.
• Proactively lead the periodic risk assessment processes and annual workplan development to identify, assess and mitigate potential areas of noncompliance or organizational risk before they impact operations or reputation.
• Collaborate with legal, clinical, academic, and operational leaders to develop corrective action plans and monitor their effectiveness.
   

Compliance Operations and Infrastructure
 

• Develop, review, and maintain a comprehensive set of compliance-related policies and procedures including a Code of Conduct that align with current laws, regulations, and organizational operations.
• Lead the system’s response to external audits, regulatory inquiries, and accreditation reviews.
• Maintain an effective and confidential reporting mechanism (hotline or other tools) to allow employees to report concerns anonymously and without fear of retaliation.
• Provide formal reports to the Audit Compliance and Risk Committee on the effectiveness of the compliance program, highrisk issues, and strategic initiatives.
• Lead and oversee internal investigations of potential compliance concerns, ensuring timely resolution, thorough documentation, and appropriate corrective action. This includes coordination with Legal as necessary.
• Evaluate the effectiveness of the compliance program periodically, incorporating metrics, audit results, and feedback to guide improvements.
   

Audit Operations and Infrastructure

• Provide overall direction and leadership to ensure that all aspects of the internal audit function operate at top efficiency and achieve the objectives of the Audit, Compliance and Risk Subcommittee of the Board of Trustee’s, the Audit and Compliance Steering Group, and senior leaders.
• Collaborate with the Director of Audit Services to identify improvement and innovation to current audit practices, methodology and processes. Guide the team on audit framework, engagement planning and execution, and issue identification and reporting.
• Collaborate with internal audit to conduct risk-based audits, including billing and coding audits, monitor internal controls, ensure timely remediation of audit findings, and reduce compliance risks.
• Oversee the development of compliance auditing processes and reporting systems and participate in the development and delivery of skills training to continuously enhance the capability of the Audit Services team.
• Assess and leverage internal and external audit results to continuously enhance processes and strengthen organizational compliance infrastructure.
• Oversee internal audit planning and activities related to compliance and regulatory risk.
   

Privacy and Information Protection

• Oversee the organization's privacy program to ensure compliance with HIPAA and other data protection laws.
• Collaborate with the Chief Information Officer to safeguard protected health information and ensure appropriate breach response protocols.
• Perform privacy risk assessments and related compliance monitoring initiatives.
• Oversee, direct, and deliver privacy training to all employees.
• Create and monitor Business Associate Agreements to ensure that all Business Associates are maintaining privacy requirements and responsibilities.
   

Education and Engagement

• Oversee the development of risk-based education and training programs and communication strategies that enhance awareness of compliance requirements, ethical standards, and individual responsibilities. This includes the development of an annual training plan that includes annual and risk-based training.
• Partner with Human Resources, medical school leaders, and department chairs to reinforce compliance across clinical, research, and administrative domains.
   

Collaboration and Integration

• Work closely and collaborate with the Executive Leadership Team, Quality, Risk, Internal Audit, Legal, Human Resources, Research Compliance, Medical Staff Affairs, Medical Staff Leadership and Baylor College of Medicine to ensure a coordinated and integrated approach to compliance and institutional integrity.
• Serve as liaison to government agencies, industry organizations, and peer institutions on compliance-related matters.