Maureen Zuromsky

Responsible for the development, implementation, and adherence to UMMS' policies and procedures covering the privacy and security of PHI under HIPAA. Collaborate with Privacy Official and Security Official to proactively address requirements under HIPAA related to: assessment of potential privacy and security risks, incident response, monitoring and auditing, training, risk mitigation, and remediation activities.

Facilitate adherence to oversight and audit requirements of FDRs and vendors in line with CMS regulations and client expectations. Develop processes and practices for the oversight of specific vendors, audit facilitation and support, and client questionnaire responses. Directly supervise a team of analysts and serve as a resource for process improvements for delegation and oversight activities.

Provide support to the organization in evaluating the effectiveness of the Compliance Program and governance processes including ensuring compliance with Federal and state laws/regulations, contract provisions, accreditation standards, and internal policies/procedures.

Implement system wide initiatives, policies and processes related to the Compliance Program and be responsible for program oversight, risk assessment, reports creation, communication strategy, education/training and auditing/monitoring.

Capture and analyze data used to detect trends that may indicate systemic risks to the organization requiring further review, assessment, root cause analysis, or follow-up. Provide Audit Reports and identify instances of non-compliance, and reports activities to the Audit Committee.

Support the Compliance team in the general development of the Compliance Program including, but not limited to, developing the Compliance Work Plan, Fraud, Waste and Abuse Plan, Communication Strategic Plan, Audit Work Plan, Compliance Committee/Board reports, Compliance policies/procedures and standard work.