Mikole Murry, J.D.

• Responsible for audit program including risk assessments, creation and execution of annual Work Plans and managing corrective action plans
• Develop, socialize, and revise system wide compliance and privacy policies
• Manage hotline reporting process and conduct related internal investigations
• Provide real time guidance to physicians and clinic staff on compliance matters
• Operationalized system conflict of interest policy including disclosure and tracking process for employed clinicians
• Serve as Privacy Officer operationalizing state and federal privacy standards, conducting privacy training for clinical and front-line staff and oversee mandatory reporting to Office of Civil Rights and affected patients
• Remain current on trends in healthcare laws to communicate to key stakeholders
• Co-Chair Privacy Information Security Committee responsible for operationalizing Information Blocking workflows and Vendor screening process
• Coordination with key stakeholders including HR, Legal and Internal Audit
• Key COVID initiatives include managing Public Health Emergency waiver usage in Credentialing and Telemedicine
• Facilitated CMS Voluntary Disclosure protocol process

• Responsible for drafting program documents such as Compliance Plan, Code of Conduct and departmental policies and procedures
• Implemented system wide audit program for all business units
• Developed and delivered risk assessments for Compliance and Privacy functions
• Privacy Officer tasked with administering compliance with federal and state privacy regulations, implementation of staff education and training, regulatory reporting obligations and administering privacy audit program
• Chaired Incident Response Team established to perform breach assessment and regulatory reporting to Office of Civil Rights (OCR) investigations
• Implemented Vendor Oversight Committee to proactively screen and monitor high risk vendor relationships
• Served as a member of Institutional Review Board and Ethics Committees

• Drafted, reviewed and negotiated contracts and other legal documents to support client needs
• Researched and interpreted laws, rulings and regulations to advise on business and legal transactions
• Provided legal guidance on hospital operations, regulatory compliance, employment matters
• Executed due diligence review for physician practice acquisitions
• Provided counsel in connection with facility operations, fraud and abuse matters, transactional and/or litigation matters. Consulted on Corporate Compliance investigations
• Served as Health System Privacy Officer responsibilities include oversight of multiple 500+ data breach investigations; overhaul of subpoena review process and engagement of medical record vendor to manage Release of Information process

• Implemented Corporate Compliance Program based on Office of Inspector General guidance
• Developed policies and procedures to ensure compliance with federal and state regulations and Joint Commission on Accreditation for Health Care Entities
• Designed and conducted educational training sessions for staff relating to health care standards and role based needs
• Conducted investigations of suspected violations related to privacy complaints
• Created and oversaw work plan for hospital and affiliated entities identifying high-risk areas
• Presented audit findings to Senior Management and the Board of Directors.
• Implemented organization’s initial HIPAA Compliance Program
• Drafted privacy policies; developed system wide education for all audiences
• Implemented user access monitoring and data analysis

Implemented Corporate Compliance Program based on Office of Inspector General guidance

• Developed policies and procedures to ensure compliance with federal and state regulations and Joint Commission on Accreditation for Health Care Entities
• Designed and conducted educational training sessions for staff relating to health care standards and role based needs
• Conducted investigations of suspected violations related to privacy complaints
• Created and oversaw work plan for hospital and affiliated entities identifying high-risk areas
• Presented audit findings to Senior Management and the Board of Directors.
• Implemented organization’s initial HIPAA Compliance Program
• Drafted privacy policies; developed system wide education for all audiences

• Managed compliance efforts, reporting and audits.
• Launched Compliance Program including creation of program documents
• Led HIPAA Privacy Task responsible for implementation of companywide privacy initiatives
• Drafted privacy policies and procedures in response to newly passed HIPAA standards
• Administered contractual requirements mandated by state Medicaid managed care contract with Department of Human Services
• Established Fraud and Abuse Unit to identify suspected fraud, waste and abuse
• Tracked and trended provider and consumer utilization patterns
• Interpreted risk management issues, e.g., tort, third party liability and coordination of benefits
• Chaired Vendor Oversight Committee to monitor health plan vendor performance
• Prepared and presented comprehensive reports to upper management and audit team, covering issues and recommendations.