Compliance Officer – Iowa State Association of Counties (ISAC)
The Iowa State Association of Counties is seeking to add a full-time compliance person. This
person functions as an independent and objective employee responsible for creating and
maintaining compliance programs as well as addressing questions, issues, and concerns within
the organization and its members.
Requirements:












Minimum of five years’ experience in a senior healthcare compliance position or as an
attorney practicing in healthcare law
Bachelor’s degree in a healthcare compliance related field (Masters degree preferred) or
Juris Doctorate degree and licensed to practice in Iowa
Demonstrated technical competencies in Microsoft Office suite of products
Prioritization, problem-solving, and creativity/innovative skills, including analysis of
metrics to form hypotheses, confirm root causes and verify solutions
Project management proficiency
Spreadsheet modeling skills: budgeting, forecasting and sensitivity analysis
Ability to prepare and interpret statistics as they pertain to compliance requirements
Experience with auditing or complying with audits specifically concerned with
healthcare related software is a plus
Proven knowledge of software development process and high level coding
methodologies is a plus
Presentation skills, both oral and written
Negotiation skills
Specific compliance competencies in HIPAA and HITECH
Salary range starting at $75,000 plus a competitive benefit package.
JOB DESCRIPTION
IOWA STATE ASSOCIATION OF COUNTIES
COMPLIANCE OFFICER
Overview:
The Compliance Officer is the leader of HIPAA and HITECH for the Iowa State Association of
Counties, functioning as an independent and objective employee that reviews and evaluates
compliance issues/concerns within the organization. This position ensure that the Board of
Directors, Executive Director, other management, employees and identified systems are in
compliance with the applicable laws, rules and regulations of applicable federal and state
regulatory agencies, that organizational policies and procedures are being followed. This
position serves as an educational resource for members and users. The Compliance program
should follow the seven elements of an effective compliance program as more fully described
by the Office of Inspector General (OIG) of the United States.
Responsibilities:







Receive and direct compliance issues to appropriate resources for investigation and
resolution.
Implement the organization’s HIPAA Policies and Procedures and suggests edits as
necessary to the same in order to keep up-to-date with current law and practices.
Act as the final internal resource with which parties may communicate after other
formal channels and resources have been exhausted.
Act as staff to the Compliance and Regulations Committee by monitoring and reporting
results of the compliance/regulatory efforts of the committee, provide guidance for the
Executive Director and senior management team on matters relating to compliance and
provide updates regarding changes to relevant regulations and compliance measures.
In conjunction with the Compliance and Regulations Committee and ICTS Advisory
Board advise the ICTS Board of Directors in implementation of all necessary actions to
ensure achievement of the objectives of an effective compliance program.
Responsible for providing the management team with data and information that will
guide the strategic direction of the organization as a result of the current and proposed
regulatory environment.
Responsible and accountable for the design, development, implementation, operation,
maintenance, monitoring, and approving the entity’s system controls as it relates to
security availability, processing integrity and confidentiality, that are assigned to
individuals within the entity, with authority to ensure policies and other system
requirements are effectively promulgated and placed in operation.
















Collaborate with the Information Technology Manager and other project staff to review
all external marketing materials, third party interfaces, etc. to mitigate any potential
regulatory or compliance issues.
Develop and periodically review and update Standards of Conduct to ensure continuing
currency and relevance in providing guidance to management and employees.
Collaborate with other departments as required by the position to direct compliance
issues to appropriate existing channels for investigation and resolution.
Consult with the General Counsel as needed, to resolve difficult legal compliance issues.
Respond to member and user questions regarding compliance, provide education and
training to members and users on compliance and assist with the ISAC HIPAA Program.
Respond to alleged violations of rules, regulations, policies, procedures, and code of
conduct by evaluating or recommending the initiation of investigative procedures.
Develop and oversee a system for uniform handling of such violations.
Act as an independent review and evaluation body to ensure that compliance
issues/concerns within the organization are being appropriately evaluated, investigated,
and resolved.
Monitor, and as necessary, coordinate compliance activities of other departments to
remain abreast of the status of all compliance activities and to identify trends.
Identify potential areas of compliance vulnerability and risk; develop/implement
correction plans for resolution of problematic issues, and provide general guidance on
how to avoid or deal with similar situations in the future.
Provide reports on a regular basis, and as directed or requested, to keep the Executive
Director and senior management informed of the operation and progress of compliance.
Ensure proper reporting of violations or potential violations to duly authorized
enforcement agencies as appropriate and/or required.
Implement and manage a “whistle blower” reporting mechanism.
Institute and maintain an effective compliance communication program for the
organization.
Work with Human Resources and others as appropriate to develop an effective
compliance training program, including appropriate introductory training for new
employees as well as ongoing training for all employees and managers.
Monitor and document code changes and system releases to ensure appropriate coding
controls are being followed. Report violations to the Information Technology Manager.
Responsible for managing third-party audits, implementing, tracking, and monitoring
identified controls for ISAC and ICTS.
Qualifications:











Minimum of five years’ experience in a senior healthcare compliance position or as an
attorney practicing in healthcare law
Bachelor’s degree in a healthcare compliance related field (Masters degree preferred) or
Juris Doctorate degree and licensed to practice in Iowa
Demonstrated technical competencies in Microsoft Office suite of products
Proven knowledge of software development process and high level coding
methodologies
Prioritization, problem-solving, and creativity/innovative skills, including analysis of
metrics to form hypotheses, confirm root causes and verify solutions
Project management proficiency
Spreadsheet modeling skills: budgeting, forecasting and sensitivity analysis
Ability to prepare and interpret statistics as they pertain to compliance requirements
Presentation skills, both oral and written
Negotiation skills
Specific compliance competencies in HIPAA and HITECH
Salary: Salary range starting at $75,000 plus competitive benefit package