Director Of Compliance

Position Summary

Working under the direction of the Chief Executive Officer, this position is responsible for overseeing and managing the organization's compliance with federal, state, and local regulations governing emergency medical services, healthcare operations, and patient privacy. This role ensures adherence to HIPAA privacy and security laws, state & local privacy laws, and the ACA Section 1557 Non-Discrimination Rules, develops and implements compliance programs, conducts non-financial internal audits, provides training to staff and leaders regarding regulatory requirements, and coordinates EMSA's accreditation activities. The position serves as a key advisor to executive leadership, fostering a culture of ethical conduct and continuous improvement while mitigating risk and safeguarding patient information. The Director also collaborates with legal counsel, regulatory agencies, and operational teams to ensure the organization maintains the highest standards of integrity and accountability in all aspects of service delivery.

Minimum Qualifications

• Bachelor's degree in Healthcare Administration, Business, Law, or a related field.
• Master's degree is regarded favorably.
• Requires a minimum of five (5) years of directly related experience, or a combination of greater relevant transferable experience and/or education above the minimum requirements.
• Certified in Healthcare Compliance (CHC), or similar compliance certifications, are regarded favorably.
• Must be 21 years of age or older.
• Must possess a valid and current driver's license and be insurable by EMSA's commercial policy.

Must be able to successfully pass a background check and drug screen to the satisfaction of the organization.

Essential Functions of the Position

• Monitor and interpret evolving industry regulations, including documentation and billing standards, by reviewing sources such as the Federal Register, OIG fraud alerts, advisory opinions, and other regulatory publications. Communicate relevant updates to leadership and provide targeted education and training.
• Collaborate with the executive team to develop, implement, and maintain EMSA's comprehensive compliance program, ensuring alignment with organizational goals and regulatory requirements.
• Ensure adherence to HIPAA privacy and security laws, state & local privacy laws, and the ACA Section 1557 Non-Discrimination Rules.
• Lead and coordinate quarterly Compliance Committee meetings, facilitating cross-functional discussions and tracking action items to promote accountability.
• Update compliance and privacy policies and procedures as needed to reflect regulatory changes.
• Works collaboratively with Operations, Patient Business Services, Finance, and Clinical Education departments.
• Develop and monitor departmental objectives and performance metrics, providing regular reports to senior leadership to inform strategic decision-making.
• Maintain accurate and secure documentation in compliance with federal and state laws, ensuring audit readiness and data integrity.
• Serve as a subject matter expert and resource for staff on compliance and privacy matters, fostering a culture of ethical behavior and continuous improvement.
• Represent EMSA in external audits, inspections, and regulatory reviews, ensuring timely and accurate responses to inquiries.
• Adhere to and enforce organizational policies, procedures, and safety standards with the highest level of integrity.
• Coordinate and oversee all accreditation and reaccreditation activities to ensure compliance with applicable standards, preparation of documentation, collaboration with other departments' responsibilities, site visits as indicated, and implementation of corrective actions as needed.
• Collaborate with the HIPAA Security Officer and other compliance-related departments, such as Human Resources, Information Technology, and others, to ensure their adherence to applicable regulatory requirements and internal compliance standards.
• Serve as the designated Privacy Officer of EMSA, ensuring compliance with HIPAA and other applicable privacy regulations by developing, implementing, and monitoring policies and procedures that protect patient information and organizational data.
• Receive, investigate, and handle patient complaints related to compliance and privacy in a timely and professional manner. Ensure appropriate documentation, resolution, and follow-up in accordance with EMSA's compliance policies and applicable regulations. Collaborate with relevant departments to identify root causes, implement corrective actions, and promote continuous improvement in patient experience and organizational accountability.
• Prepare and present compliance-related reports, findings, and strategic recommendations to the Board of Trustees, ensuring transparency, accountability, and informed decision-making on regulatory matters affecting the organization.
• Demonstrate professionalism and uphold EMSA's mission, vision, and values in all interactions.

Punctuality and regular, predictable, reliable, and consistent attendance is essential. Other essential functions include: professionalism, the ability to communicate effectively (verbally and in writing), maintaining confidentiality, exercising sound judgment, being adaptable and flexible, following safety and compliance protocols, being accountable, complying with the Code of Conduct, organizational policies, procedures, practices, and expectations, and performing the core duties of the position either with or without a reasonable accommodation.

Other Functions of the Position

• Assist with onboarding and orientation of new employees by providing compliance and privacy training.
• Serve on internal groups and committees that support organizational initiatives beyond compliance.

Performs other job-related duties, functions, tasks and responsibilities as assigned, which may vary based on evolving organizational needs and priorities. These responsibilities are not considered essential functions of the position and may be modified or reassigned to accommodate individuals with disabilities, in accordance with the Americans with Disabilities Act (ADA) as amended.

Job Knowledge, Skills, and Abilities

• In-depth knowledge of HIPAA, HITECH, CMS regulations, ACA Section 1557 Non-Discrimination Rules, and Oklahoma EMS laws, including public trust and governmental entity operations.
• Strong understanding of EMS billing practices, insurance billing procedures, accounts receivable functions, collections, and third-party payer regulations.
• Proficiency in analyzing and interpreting managed care contracts, transport fee agreements, billing guidelines, and applicable state and federal regulations.
• Familiarity with electronic patient care reporting (ePCR) systems and healthcare revenue cycle management.
• Demonstrated ability to manage confidential information with discretion and maintain strict compliance with all patient privacy and confidentiality requirements.
• Excellent analytical, investigative, and problem-solving skills.
• Effective project management and organizational skills, with the ability to manage multiple priorities, meet deadlines, and adapt to rapidly changing environments.
• Strong written and verbal communication skills, with the ability to train, educate, and interact professionally with diverse internal and external stakeholders.
• Self-motivated and goal-oriented, with a demonstrated ability to work independently and collaboratively.
• Proficiency in Microsoft Office applications, including Word, Outlook, Excel, and PowerPoint.
• Ability to remain composed under pressure and manage job-related stress in a fast-paced environment.

Supervisory Responsibilities

• This position does not have supervisory or management responsibilities of other employees.

Physical Demands

• This is a primarily sedentary office position requiring prolonged periods of sitting at a desk, up to 8 hours per day.
• Frequent use of hands, wrists, and fingers for typing and other repetitive motions.
• Frequent verbal communication and active listening are required to perform job duties effectively.
• Frequent visual acuity is needed for reading, computer work, and assessing information at distances up to 20 feet.
• Occasional walking and standing are required; minimal kneeling, crouching, bending, or twisting.
• Occasional lifting, carrying, pushing, or pulling of objects weighing up to 20 pounds.
• Minimal use of hand tools and minimal need to ascend or descend stairs, ramps, or ladders.

Work Environment

• This position operates in a professional, temperature-controlled office environment within a healthcare or EMS administrative setting.
• The noise level is typically low to moderate, with minimal exposure to moving mechanical parts or machinery.
• The role involves frequent use of standard office equipment, including computers, phones, photocopiers, filing cabinets, etc.
• The position requires frequent attention to detail, meeting deadlines, and adapting to shifting priorities in a fast-paced environment.
• Travel between Tulsa Oklahoma City on a fairly regular basis, including occasional overnight stays.
• The role may involve occasional exposure to confidential or sensitive information, requiring a high level of discretion and professionalism.
• Standard work hours are typically during regular business hours, with occasional extended hours or weekend work based on organizational needs or project timelines.