Sr. Manager, Compliance Privacy Monitoring

McKesson is an impact-driven Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights products and services that make quality care more accessible and affordable. Here we focus on the health happiness and well-being of you and those we serve we care.

What you do at McKesson matters. We foster a culture where you can grow make an impact and are empowered to bring new ideas. Together we thrive as we shape the future of health for patients our communities and our people. If you want to be part of tomorrows health today we want to hear from you.

Title: Sr. Manager Compliance Privacy Monitoring

Location: Dallas TX; Atlanta GA; Columbus OH

Hybrid/Remote/Onsite: Hybrid

The Senior Manager Compliance Monitoring will be responsible for conducting regulatory and compliance reviews based on Compliance program initiatives. The Senior Manager will support the execution of enterprise privacy monitoring in partnership with McKessons Global Privacy Office.

The Senior Manager will support the seven key elements of an effective compliance program as set by the Office of Inspector General with a focus on monitoring healthcare privacy compliance risks. The Senior Manager will lead engagements and document formal testing following internal monitoring methodologies. The Senior Manager will communicate results to various leaders within Compliance and the business. The ideal candidate will have experience with healthcare privacy risks and compliance monitoring in the healthcare industry.

Position Description

• Assist Director and VP with planning delivering and effectively executing on a monitoring plan to ensure adherence to relevant privacy laws and regulations McKessons privacy principles regulatory standards and industry standards.
• Support and assist with building the enterprise privacy monitoring strategy with Compliance leadership.
• Apply knowledge and expertise in privacy risks to assess applicability and impact of privacy-related regulations.
• Coordinate and collaborate with key stakeholders across the organization including Legal Compliance Cybersecurity Operations Internal Audit other risk assessing organizations and IT teams.
• Support design development and execution of compliance privacy monitoring based on comprehensive understanding of associated compliance risks.
• Lead meetings with key stakeholders at all levels of the organization.
• Perform robust full population data analytics to identify outliers anomalies trends during monitoring efforts as needed.
• Document monitoring working papers based on established internal guidelines and regulator expectations and make recommendations as appropriate.
• Develop formal summaries of monitoring results for stakeholders and management.
• Conduct working sessions with stakeholder(s) to support identifying root causes of observations identified.
• Facilitate obtaining as applicable preventative detective and corrective action plans for the observations identified to mitigate risk(s).
• Utilize critical thinking skills to provide valuable recommendations for control and/or process improvement to mitigate risk(s) identified.
• Assess objective evidence from post engagement issue follow-ups to confirm resolution with stakeholders.
• Exercise professional judgment and propose value-added solutions in all aspects of engagement execution.
• Support Compliance and Ethics continued journey of digital enablement and AI journey by exploring opportunities to utilize AI for monitoring.
• Provide support and guidance to colleagues as needed.
• Support department initiatives and deliverables as needed.

Minimum Requirements

• 7 years of relevant experience in audit monitoring healthcare compliance or other related discipline(s) (e.g. finance)
• 4-year college degree or equivalent

Certification/licensure

• CHC CHPC or other professional compliance certifications is a plus.

Critical Skills

• Familiarity with healthcare (e.g. payer pharma life sciences) privacy compliance rules and practices strongly preferred.
• Experience with monitoring privacy risks in the healthcare industry based on regulations (e.g. HIPAA US State Privacy laws GDPR PIPEDA).
• Knowledge of privacy related elements including but not limited to privacy breach identification and response data collection classification storage and use.
• Understanding of how applicable laws and regulations apply to monitoring and/or auditing.
• Experience documenting and performing audits according to audit methodologies to determine compliance with applicable regulations.
• Ability to work on multiple engagements at once.
• Manages time effectively and takes responsibility for work.
• Demonstrates clear and concise communication with key stakeholders both written and verbal with key stakeholders.
• Ability to work with all levels within the organization including cross-departmental teams and leadership.
• Demonstrated ability to execute multiple projects and excel in a fast-paced work environment.
• Ability to build and foster relationships throughout the organization.
• Strong English language skills including the ability to write clearly in English and communicate effectively.
• Proficient in Microsoft applications (e.g. Teams Excel PowerPoint Power BI).

Additional Knowledge & Skills

• Knowledge of cybersecurity risks in relation to healthcare privacy related risks.
• Knowledge of healthcare laws and regulations (e.g. Health Insurance Portability and Accountability Act of 1996 (HIPAA) Controlled Substances Act (CSA) Drug Supply Chain Security Act (DSCSA) and Food and Drug Administration (FDA) regulations).
• Awareness of GRC tool(s) specifically ServiceNows engagement and/or issue modules is a plus.
• Knowledge of SOC 2 requirements and audits is a plus.

Must be authorized to work in the US. Sponsorship is not available for this position.

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors including performance experience and skills equity regular job market evaluations and geographical markets. The pay range shown below is aligned with McKessons pay philosophy and pay will always be compliant with any applicable regulations. In addition to base pay other compensation such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson pleaseclick here.

Our Base Pay Range for this position

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race color religion sex sexual orientation gender identity national origin protected veteran status disability age or genetic information. For additional information on McKessons full Equal Employment Opportunity policies visit our Equal Employment Opportunity page.

Join us at McKesson!