Approximate Salary Range: $173,500 - $250,000/year

Requires residence in Central Oregon. Eligible for in-state or out-of-state relocation bonus.

ST. CHARLES HEALTH SYSTEM          

JOB DESCRIPTION

TITLE:                                      Chief Compliance Officer

REPORTS TO POSITION:      Senior Vice President, Chief Legal and Risk Officer

DEPARTMENT:                        Compliance

DATE LAST REVIEWED:         January 2026

OUR VISION:                            Creating America’s healthiest community, together

OUR MISSION:                         In the spirit of love and compassion, better health, better care, better value

OUR VALUES:                          Accountability, Caring and Teamwork

DEPARTMENT SUMMARY: The Compliance Department includes privacy officers, internal auditors, and compliance analysts who proactively support adherence to legal, regulatory, ethical, and accreditation requirements. The work of the department is accomplished through its members who stay current with the ever-changing framework of laws, regulations, and ethical standards that apply to the St. Charles Health System (SCHS). The department educates the health system and its caregivers about how those requirements and standards apply to their work. The Compliance Department works collaboratively with the Legal, Regulatory, Finance and Risk Management Departments when questions arise that require the particular expertise of any one or more of those departments. Members of the Compliance Department help develop and implement policies and practices that mitigate and prevent risk to the organization, to its patients, and to its patients’ families. Through that work, the department fosters an environment where compliance is a core business principle embedded in the everyday decision-making and work processes of the St. Charles Health System. 

POSITION OVERVIEW: The Chief Compliance Officer (CCO) directly oversees, manages, and is responsible for the SCHS compliance program which is broadly and comprehensively defined to include regulatory compliance, privacy/HIPAA, and internal auditing. The CCO models ethical and compliant behavior through day-to-day work activities and fosters a working environment where compliance is the norm. The CCO works collaboratively with leadership and caregivers and employs state-of-the-industry strategies and techniques to routinely assess and address potential risk issues, to investigate reports of noncompliant conduct, and to safeguard the privacy and other rights of patients and caregivers. The CCO will establish a compliance program that is highly effective at preventing risky and noncompliant conduct, and that efficiently identifies and corrects noncompliance when it occurs.

This is a hybrid position. Some job duties can be performed remotely without loss of productivity or effectiveness, but some work may require or benefit from onsite presence or in-person collaboration. The CCO is expected to use good judgment about when to work fully on site at a SCHS location, and may be directed to do so at any time based on business need. 

The CCO reports to the SCHS Senior Vice President, Chief Legal & Risk Officer, and has direct and unfettered access to the Chief Executive Officer (CEO) and to the SCHS Board of Directors’ Audit & Compliance Committee. This position directly oversees assigned caregivers.

ESSENTIAL FUNCTIONS AND DUTIES:

Directs the work of the compliance department, manages its budget, and supervises the compliance analysts, internal auditors, and privacy officers. 

Oversees compliance-related monitoring activities for the organization, and otherwise generally develops and oversees the Compliance Program consistent with the recommendations of the Office of the Inspector General (OIG), U.S. Department of Health and Human Services, and industry best practices.

Develops an annual compliance work plan, based on an annual risk assessment, and with input from the Compliance Steering Committee and ensures completion throughout the year.

Oversees and administers the comprehensive, system-wide HIPAA Privacy Program. Works collaboratively with the Legal Department and with the Chief Information Security Officer on matters that relate to or involve the Privacy Program. Actively participates as a member of the SCHS External Data Governance Committee.

Develops and oversees the annual risk-based audit plan and related programs and activities; coordinates and assists external auditors and consultants.

Provides audits and other auditing services as requested by senior management, the Board of Directors, or any Board Committee.

Develops, revises, implements, and disseminates compliance-related policies, procedures, training and education, and other similar materials.

Identifies potential risk through a collaborative risk assessment process with key stakeholders, including the Compliance Steering Committee, incorporating relevant information obtained through internal audits and investigations, the compliance hotline, the OIG work plan, and recent enforcement trends.

Develops and oversees a system for uniform handling of verified violations of policy, rules, laws, and regulations including developing and implementing corrective action plans. In collaboration with the Senior Vice President, Chief Legal & Risk Officer, ensures violations or potential violations are reported to duly authorized enforcement agencies as appropriate and/or required. 

Oversees investigations of compliance-related concerns and ensures the fair, prompt, and appropriate resolution of such concerns. Collaborates with the Legal Department, Risk Management, and Human Resources in such investigations when indicated.

Leads organizational response to compliance-related investigations initiated by State and Federal regulatory agencies (e.g. - Office of Civil Rights, OIG, and Department of Justice) in consultation with, and at the direction of, the Senior Vice President, Chief Legal & Risk Officer.

Oversees the conflicts of interest process and serves as initial reviewer of potential conflict of interest disclosures in consultation with, and at the direction of, the Senior Vice President, Chief Legal & Risk Officer.

Collaborates with the Senior Vice President, Chief Legal and Risk Officer and the Senior Vice President, Chief Financial Officer on the development and maintenance of an Enterprise Risk Management Program.

Conducts all activities with the highest standards of professionalism and confidentiality. Complies with all applicable laws, regulations, policies, and procedures, supporting the health system’s compliance efforts by acting in an ethical and appropriate manner, reporting known or suspected violations of applicable rules, and cooperating fully with all company investigations and proceedings.

Creates and maintains appropriate documentation of all compliance activities.

Provides system level leadership to establish and maintain open lines of communication within the organization to encourage the prompt reporting of compliance concerns.

Champions compliance as a core business principle and empowers caregivers and providers to speak up and do the right thing.

May perform other duties of similar complexity within the organization, as required or assigned.

EDUCATION:                   

Required: MBA, JD, MHA, or MHCDS.

Preferred: MBA with a concentration in Forensic Accounting, Data Analytics, or Healthcare combined. Some clinical experience would be a plus.

LICENSURE/CERTIFICATION/REGISTRATION:

Required: Certified in Healthcare Compliance (CHC). Ability to meet St. Charles Health Systems driving requirements.

Preferred: Certifications in related areas such as Fraud (CFE), Risk Management (CRMA), Coding (CPC), or Privacy (CHPC).

EXPERIENCE:

Required: Minimum ten (10) years’ experience in audit, accounting, legal, or compliance in health care or related industry. Minimum five (5) years’ experience managing a team in a health care organization with demonstrated skills in developing strong, collaborative teams. Must have an established record of high level, practical experience in a multi-function, multi-entity environment, with competencies in system-wide program planning, management, and oversight.  Proficient in collecting and analyzing business processes, workflows, and control relationships.

Preferred: N/A 

PERSONAL PROTECTIVE EQUIPMENT:

Must be able to wear any appropriate Personal Protective Equipment (PPE) required to perform the job safely.

PHYSICAL REQUIREMENTS:

Continually (75% or more):      Must be able to clearly and effectively communicate with others.

Frequently (50%):                      Sitting, standing, walking, lifting 1-10 pounds, keyboard operation.

Occasionally (25%):                  Bending, climbing stairs, reaching overhead, carrying/pushing, or pulling 1-10 pounds, grasping/squeezing.

Rarely (10%):                           Stooping/kneeling/crouching, lifting, carrying, pushing, or pulling 11-15 pounds, operation of a motor vehicle.

Never (0%):                              Climbing ladder/stepstool, lifting/carrying/pushing, or pulling 25-50 pounds, ability to hear whispered speech level.

Exposure to Elemental Factors

Never (0%):  Heat, cold, wet/slippery area, noise, dust, vibration, chemical solution, uneven surface.

Blood-Borne Pathogen (BBP) Exposure Category

Risk for Exposure to BBP

Schedule Weekly Hours:

40

Caregiver Type:

Regular

Shift:

First Shift (United States of America)

Is Exempt Position?

Yes

Job Family:

DIRECTOR

Scheduled Days of the Week:

Monday-Friday

Shift Start & End Time:

8:00am - 5:00pm