• Regularly reviewing and assessing the effectiveness of the Compliance Program. • Taking sufficient steps to document the efforts of On Belay and its ACOs to meet its compliance obligations, advising management and the Compliance Committee and the Boards about achieving compliance and implications of non-compliance. • Implementing and overseeing written compliance, privacy and data sharing policies and procedures and the Code of Conduct. • Chair and be responsible for committee materials for the Policy Committee and the Compliance Committee. • Taking steps to communicate the Compliance Program, HIPAA, privacy and data sharing policies and procedures to employees and contractors of the On Belay and its ACOs, including overseeing the On Belay policy database and the NAACOS manuals site. • Developing or supporting and implementing a compliance, privacy and security awareness education and training program, including overseeing the training database and maintaining records of trainings in conjunction with Human Resources. • Appropriately publicizing, monitoring and responding to the mechanisms for reporting suspected instances of non-compliance, including those requirements required by law. • Implementing and overseeing the process of exclusion checks for employees, board members and participating providers, including overseeing the exclusion database. • Implementing and overseeing the conflict of interest process in coordination with the General Counsel, including overseeing the disclosure database. • Assisting the General Counsel with the review of Business Associate Agreements and monitoring the contract database, including developing or modifying relevant templates and processes . • Regular monitoring (at least bi-weekly) all relevant CMS portals for audits and CMS actions, reviewing newsletters and informational posts, attending meetings with CMS representatives, forwarding relevant dates for posting on the ACO Master Calendars, and coordinating responses and corrective action plans with the General Counsel and Chief Operating Officer. • Coordinating with the vCISO and IT Department on privacy or security issues that impact compliance and privacy, including phishing campaigns and security awareness training. • Assisting the Payor Department and/or General Counsel with process for Medicare Advantage compliance, including development of Payor Addendums and annual attestations. • Developing, implementing and monitoring annual Audit Work Plans for each On Belay entity approved by the Compliance Committee and the respective ACO Board(s) (This includes all subcomponents for each On Belay ACO and other On Belay entities), including conducting audits each quarter and reporting findings as appropriate to Leadership, the Compliance Committee and/or ACO and other Boards • Reporting regularly to the Compliance Committee and ACO Boards and at least annually to the System Board or more frequently, as appropriate. • Receiving, documenting and investigating reports of potential compliance and privacy violations and non-compliance with the Compliance Program, policy or applicable laws and regulations, which may include engaging internal and external resources to assist with investigations, including legal counsel. • Assisting with development of corrective action and mitigation plans when non-compliance with the Compliance Program or violations of policies and procedures or applicable laws are identified. • Assisting On Belay in making a good faith report of non-compliance with the Compliance Program or Applicable Law in conjunction with and advised by legal counsel. • Ensuring that those who participate in an investigation may do so without fear of retaliation. • Responding appropriately and timely to compliance questions. • Sharing compliance information with the ACOs, such as the results of internal audits or investigations, when such are relevant to the operation of any ACO program. • Upon consultation with legal counsel, ensuring appropriate notice to CMS of any required notifications. • The Compliance Officer shall have direct access to the On Belay Boards, senior management, and legal counsel, as well as the ACO Boards. • The Compliance Officer will ensure they have the resources necessary to effectively design, implement and monitor the Compliance Program. • The Compliance Officer may delegate these responsibilities and activities to internal and external staff and resources, provided that the Compliance Officer shall remain responsible for oversight of all delegated activities and responsibilities. • For the purposes of the ACOs, the Corporate Compliance and Privacy Officer will not be legal counsel for any ACO and shall be accountable to each ACO Board. • Perform other duties as assigned.