Career Opportunities in Healthcare Compliance
Last Updated May 11, 2023
While providing the best patient care is the primary focus of healthcare professionals, protecting patients is just as important. That responsibility falls under the umbrella of healthcare compliance—from protecting a patient’s personal information to safeguarding fair and ethical billing practices to ensuring facilities and physicians are operating under the auspices of the law.
“Lack of oversight and a failure in compliance can cost an organization millions,” says Dr. Michael Rip, Program Director of the Master of Science in Healthcare Management at Michigan State University. “There’s a huge need in hospital compliance and good, agile leadership is critical.”
This often overlooked but vital area of the industry provides a host of healthcare career opportunities beyond patient care, and needs in-depth knowledge specialists. These professionals must be detailed-oriented, strategic planners and analytical problem-solvers with an inquisitive and investigative mindset who can steer an organization through the complexities of healthcare compliance.
What is Healthcare Compliance?
In a broad sense, healthcare compliance is about ensuring a healthcare facility or organization maintains compliance with a number of government agencies, acts, guidelines and laws. But the role of compliance goes beyond knowing and keeping all these laws and healthcare compliance regulations. A major responsibility of healthcare compliance is to conduct investigations and audits to identify areas of risk, draft a plan for improving compliance practices to address those risks, and monitor to ensure the program is following best practices and standards.
The U.S. Department of Health and Human Services’ Office of the Inspector General (OIG) is the governmental wing responsible for ensuring healthcare organizations are in compliance with federal health and human services programs. The website provides a wealth of resources to assist facilities and healthcare compliance professionals adopt best practices for maintaining compliance with healthcare related acts, laws, and regulations. Healthcare compliance professionals need to not only have a deep understanding of these laws and regulations, but they also need to ensure they stay up-to-date on any developments or changes in compliance.
Additionally, in an age where infectious diseases capable of sparking an epidemic are just a plane ride away (as the COVID-19 pandemic has shown) and the threat of bioterrorism poses a credible threat, healthcare organizations, particularly hospitals, now must consider preparedness protocols within their compliance programs. For example, the National Incident Management System (NIMS), developed by the U.S. Department of Homeland Security (DHS) and managed by the Federal Emergency Management Agency (FEMA), sets a systematic approach for government, private sector, and nongovernmental organizations to work together in preparing for, preventing, and responding to large-scale incidents. The Department of Health and Human Services requires healthcare organizations to implement NIMS to remain eligible for preparedness funding.
4 Career Paths in Healthcare Compliance
Due to the many government agencies, acts and regulations healthcare organizations need to adhere to, healthcare compliance is an area of critical demand with a need for knowledgeable subject matter experts. The roles and responsibilities within healthcare compliance can differ between the types of healthcare facility (hospital, doctor’s office, nursing home) and the size of the organization—a hospital system versus an independent hospital, a physician group of several doctors and offices versus one physician’s private practice. Healthcare compliance may be one person, a small team or an entire division headed by a healthcare compliance officer.
1. Healthcare Compliance Manager/Officer
The healthcare compliance manager/officer takes the lead in developing and overseeing an organization’s compliance program, implementing the recommendations from compliance audits and risk assessments and setting the best practices to ensure adherence to all governmental standards. An important part of ensuring a facility’s or entire system’s compliance is training, and the compliance manager/officer is often the one to take the lead in conducting compliance training and education programs for physicians, nurses and other healthcare staff.
In turn, the healthcare compliance manager/officer is also the face and voice of compliance information to management and senior leadership. As a failure to comply with any number of governmental agencies, regulations, acts, or laws can result in a large financial penalty, the compliance manager/officer needs to work closely with the organization’s legal department or chief legal counsel and the finance department to monitor high-risk areas, formulate mitigation and action plans and protect the organization’s assets.
At the officer level, this is typically a leadership role within an organization, a seasoned healthcare professional with an innovative vision for the organization and strategic decision-making and leadership skills, plus knowledge of healthcare compliance systems is needed. Some positions may require an M.S. in Healthcare Management to move or advance into the field, where compliance managers can anticipate an annual median salary of $71,650*, according to the U.S. Department of Labor’s O*NET database.1
2. Compliance Analyst
This role is the number cruncher and data interpreter of the compliance world. The compliance analyst monitors data and analytics and then uses that data to prepare detailed reports on compliance activities. From assessing areas of risks to devising more efficient ways to secure patient information, the compliance analyst provides and interprets the data and analytics compliance officers and senior leadership needs to make informed decisions for the organization’s compliance practices. Communication is key in this role, as this complex data analysis needs to be presented in an easily understandable manner.
The compliance analyst also needs to be a documentation specialist, keeping accurate records of compliance data, reports, activities, and communications, all of which need to be available and accessible to government regulators and auditors. Beyond experience within the healthcare industry, an analytical mindset, critical thinking skills, and experience with healthcare information systems are all beneficial in this career path.
3. Compliance Auditor
The compliance auditor is the reviewer, monitor, and, within many organizations or compliance teams, the first determiner of whether the organization is meeting all areas of compliance as it relates to patient safety, privacy, and health. Therefore, the compliance auditor is the expert when it comes to the numerous agencies, acts, regulations and policies his or her organization needs to adhere to, and, in turn, all the internal policies and procedures—from employee handbooks to department manuals to process SOP documents—that help maintain that compliance.
In maintaining compliance, the compliance auditor is the investigator performing regular quality assurance reviews, patient record and billing audits, and risk assessments. Based on these findings, the compliance auditor may be the person to recommend internal procedures, as well as best compliance auditing practices and processes, usually in collaboration with the compliance manager/officer.
Besides the healthcare industry experience and knowledge, a compliance auditor benefits from having the knowledge or previous experience as a bookkeeper, legal clerk or paralegal, or in business administration. A master’s degree such as an MBA or M.S. in Healthcare Management can be a valuable credential for pursuing this career path.
4. Patient Privacy and Protection Specialist
This “specialist” in the area of patient safety, privacy, and health is a HIPAA expert with access to and oversight of sensitive patient information. Think of this role as the NSA analyst of the compliance team—with the highest security clearance.
The patient privacy and protection specialist uses a hospital’s or agency’s secure information and records systems to manage sensitive and confidential patient information, including medical records, authorization forms and personal financial and billing records. With this level of access and oversight of such sensitive information, ensuring security is a crucial part of this role.
The patient privacy and protection specialist may be responsible for performing and monitoring system reviews, risk assessments, or conducting investigations and audits (or working with the compliance auditor) to ensure the ongoing protection of confidential patient information. They may also monitor which other members of the organization or third parties (i.e., governmental regulators, billing companies) have access to these systems and records.
Depending on the organization, the patient privacy and protection specialist may take the lead in establishing best practices related to the privacy and protection of patient information and be the subject matter expert for conducting privacy training for physicians and other organizational staff. Experience with healthcare information systems as well as a strong knowledge of healthcare law and policy as they relate to healthcare compliance are a valuable knowledgebase to have for this position.
Making the Move into Healthcare Compliance
With a first-hand understanding of the impact government regulations and compliance practices have on the daily working lives of physicians, nurses, therapists, and organizational staff, experienced healthcare professionals who are also strategic planners, critical thinkers and analytical problem-solvers are well positioned to transition into a healthcare compliance career.
1O*NET Online, Summary Report for Compliance Managers, Bureau of Labor Statistics 2019 Wage Data. https://www.onetonline.org/link/summary/11-9199.02#WagesEmployment (visited March 30, 2021).