Audit & Compliance Management, Regulatory Compliance, Internal Audits.
Conduct Audit and Risk Committee internal audits for business operations to ensure that the business operations comply with the BAA, MSA and SOWs and are in agreement with SSAE, SOC, PCI DSS and HITRUST standards as well.
Develop, implement, maintain, and revise company policies and procedures in accordance with the regulatory standards HIPAA, HITECH & GDPR for the general operations and its related activities to prevent illegal, unethical, or improper conduct. Monitor compliance in day-to-day operations.
Develop and implement PowerShell scripts in IT audit procedures and investigations.
Develop and periodically review and update Standards of Conduct to ensure continuing currency and relevance in providing guidance to management and employees.
Collaborate with other departments to direct compliance issues to appropriate existing channels for investigation and resolution. Consult with the Corporate attorney as needed to resolve difficult legal compliance issues.
Respond to alleged violations of rules, regulations, policies, procedures, Standards of Conduct and Standards and Safeguards by evaluating or recommending the initiation of investigative procedures. Develop and oversee a system for uniform handling of such violations.
Act as an independent review and evaluation body to ensure that compliance issues/concerns within the organization are being appropriately evaluated, investigated and resolved.
Monitor, and as necessary, coordinate compliance activities of other departments to remain abreast of the status of all compliance activities and to identify trends.
Identify potential areas of compliance vulnerability and risk; develop/implement corrective action plans for resolution of problematic issues, and provide general guidance on how to avoid or deal with similar situations in the future.
Audit on a monthly and quarterly basis and provide reports on a regular basis, and as directed or requested, to keep the Corporate Compliance Committee of the Board and senior management informed of the operation and progress of compliance efforts.
Ensure proper reporting of violations or potential violations to duly authorized enforcement agencies as appropriate and/or required.
Establish and provide direction and management of the Compliance Hotline.
Institute and maintain an effective compliance communication program for the organization, including promoting (a) use of the Compliance Hotline; (b) heightened awareness of Standards of Conduct; and (c) understanding of new and existing compliance issues and related policies and procedures.
Work with the Human Resources Department and others as appropriate to develop an effective compliance training program, including appropriate introductory training for new employees as well as ongoing training for all employees and managers.
Monitor the performance of the Compliance Program and related activities on a continuing basis, taking appropriate steps to improve its effectiveness.
Compliance & Regulatory:
Audit & Compliance Management
Regulatory Compliance (HIPAA, HITECH, GDPR, ISO, PCI DSS)
Internal Audit Support
IT General Controls (ITGC)
Risk Assessment & Mitigation
Compliance Documentation / SOP Writing
Governance, Risk & Compliance (GRC)
Privacy Compliance
Data Governance
KYC / AML Exposure
Internal Controls (SOX-like)
SOC 1 & SOC 2 Compliance
SSAE Framework Exposure
Policy Review & Implementation
Operations & Research:
Process Mapping & Process Improvement
Operational Risk Review
Business Process Audit
Compliance Research
Regulatory Landscape Analysis
Technology (only compliance-relevant):
IT Compliance Automation
PowerShell for Compliance Controls
Google Apps Script Automation
Access Management (AD, IAM Concepts)
IT Security Basics (TCP/IP, Firewalls)