CareFirst Careers

Manager, Compliance & Control

Resp & Qualifications

The CareFirst HIPAA compliance program for all compliance-related initiatives, including regulatory analysis, in order to ensure that all aspects of HIPAA regulations are reviewed, assessed and met in conjunction with BCBSA & CareFirst compliance. This will include:

 Privacy, Security and any new regulations that are approved by the Federal or State Governments in the months and years to come.  
Understanding the broad impacts of HIPAA regulations to the program across all Blues Enterprise, from the technical to the business areas.  
Creating and implementing an efficient, comprehensive compliance program that will ensure ability to demonstrate that it meets the regulations.
Establish methods, process, and tools for the proactive assessment of internal controls using standard industry frameworks such as COBIT, COSO, NIST, etc.


Under the general supervision of the Director the position accountabilities include, but are not limited to, the following:
Evolve, maintain, monitor and report on progress towards a comprehensive road map with goals and objectives, which outlines the compliance activities for the next three years.  Sponsor and champion compliance projects required by the roadmap, providing direction; defining scope; approving plans, schedule and budget expenditures within the context of what was approved by the VP and the client; and working to eliminate organizational barriers.  Ensure that all resources are effectively utilized and involved in all aspects of the internal effort.  Monitor HIPAA and related regulations within the law and its impact on the client.

Recommend and draft policy and organizational SOPs, for VP approval, to align the control environment of the organization with changing regulations.  
Oversee the notification, analysis, risk assessment and coordination with external parties for member notification of breaches.  Respond to internal and external inquiries pertaining to transaction issues, privacy data requests, and other regulatory questions.  Oversee direct and matrixed staff for the change control activities resulting from each of the gap analysis exercises, from translation to privacy.  Develop and maintain a database of regulatory requirements and status of compliance that is auditable and traceable.  

Develop and participate in training and education regarding HIPAA.  Serve as the HIPAA representative on the corporate committees as necessary.  
Evaluates performance of each team member, generates development plans and sets goals within the context of the corporate policy.  Must also motivate, coach, counsel and develop team members within the context of the corporate policies and manages the team’s budget. Ensures that staff has appropriate tools and training.


This position requires a Bachelor’s degree in Political Science, Law, Business Administration, Management Sciences, Finance and/or Accounting or other relevant area of study, and 10 or more years of progressively responsible corporate and management experience, OR total related experience.  Must be able to synthesize complex systems and audit information into a format easily and completely understood by a diverse audience.  Individual must have working knowledge of HIPAA regulations and system controls.  Skills: Incumbent must have excellent interpersonal skills, and an ability to communicate at all levels of the company.  Individual must demonstrate ability to focus on details, creative problem solving, and juggling multiple priorities.  Must demonstrate leadership skills, business perspective; excellent oral and written communication and presentation skills, facilitation skills and business process assessment techniques.  Must have the ability to identify and assess process controls and risks.  Must be able to teach, develop, and motivate associates.

Preferred:  Master’s degree in related field, prior project management experience.    


Department: Integrated Compliance and Risk

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Closing Date

Please apply before: 6/23/21

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship
