Compliance and Privacy Manager

  • The University of Vermont Medical Center
  • Burlington, VT, USA
  • Jun 08, 2020
Full time Legal

Job Description

University of Vermont Medical Center, Vermont’s academic medical center and founding member of the University of Vermont Health Network, seeks a Compliance and Privacy Manager.


Position Summary: 

The UVM Health Network Compliance and Privacy Manager assists the Network Chief Compliance and Privacy Officer in implementing the UVM Health Network compliance and privacy programs.  The Compliance and Privacy Manager does this by: (i) serving as an organization-wide resource for and authority on issues related to health information privacy, (ii) developing and providing training for new employees and on-going education of all employees relating to compliance and privacy matters; (iii) assisting the Compliance and Privacy Officer and the General Counsel’s office with health care regulatory matters, such as those related to fraud and abuse, anti-kickback and Stark law issues; (iv) identifying compliance and privacy related risk areas and conducting audits of such risk areas, and making recommendations based upon audit findings; (v) keeping current on all applicable legal and regulatory requirements; (vi) reviewing and developing departmental and organizational policies that promote compliance with all applicable legal and regulatory requirements; and (vii) engaging in special investigations in response to external requests for records and audits.  


A JD degree is required; Certification in Healthcare Privacy Compliance (CHPC) or as a Healthcare Information Security and Privacy Practitioner (HCISPP) desired.


Three or more years of experience desired, particularly with analyzing health care regulatory requirements and translating then into policy or recommendations for operations; familiarity with health care fraud and abuse laws including Stark, Anti-kickback and the False Claims Act, familiarity with privacy laws applicable to the healthcare industry, including HIPAA, HITECH, and 42 CFR Part 2; Experience with managing breaches of PHI, including investigation, patient notification and breach reporting; experience counseling operations on setting up and participation in health information exchanges and other data sharing initiatives; experience with data privacy in connection with research.

To apply, please use our online application system:

We offer a comprehensive benefits package. We proudly offer a non-smoking work environment. The UVM Medical Center is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protective veteran status.