John Cowley

Experience

• 

  Kentucky Administrative Office of the Courts

  Jun 2005 - Dec 2005

  Judicial Law Clerk

  Research & Drafting of Legal Documents-Drafted opinions and orders for ~20 judges located in the Commonwealth of Kentucky. - Researched questions of law; utilized Westlaw and various legal documents ranging from case law to statutory interpretation to conduct legal research.

• 

  Kindred Healthcare

  Jan 2008 - Dec 2008

  Training and Marketing Coordinator

  Training & Marketing Material -Collaborated with sales trainer to develop and coordinate web-based sales trainings. -Drafted marketing collateral on the service offerings and quality metrics; educated sales staff on how to best present the company and better serve customers.

• 

  Kindred Healthcare

  May 2010 - Dec 2017

  Program Management & Process Improvement-Directed enterprise privacy program for over 100K employees; ensured confidentiality of protected health information from unauthorized use or disclosure through thorough investigations and reporting.-Revamped compliance reporting in collaboration with the Chief Compliance Officer; provided the Board of Directors with more in-depth quantitative and qualitative data and analyses.-Developed and implemented gift payment protocol in compliance with referral laws and revised contracting process. Compliance Investigations & Risk Assessment -Drafted responses to government agencies in investigations of privacy complaints and breaches; resulted in dismissal of 3 major breach investigations with no penalties. Collaboration & Communication-Coordinated with Chief Compliance Officer to facilitate quarterly board meetings; reported data and metrics and drafted compliance presentations.-Collaborated with Chief Information Security Officer to maintain and monitor security systems that stored protected information; performed incident response management, executed security awareness campaigns, and ensured privacy law compliance within the IT environment. -Drafted agendas, took minutes, and conducted meetings for the Privacy and Security Steering Committee with C-level members including, Chief Compliance Officer, CEO, COO, CFO, and CIO. -Collaborated with division leaders to identify risks and execute compliance risk assessment; worked with Chief Compliance Officer and functional area leads to develop corrective action plans.Training & Education -Conceptualized, developed, and executed a company-wide compliance training program through multiple learning management systems, including general compliance training and privacy training. -Trained thousands of employees in various settings, including one-on-one trainings and formal presentations with over 50 people per session. Show less Compliance Investigations & Communication-Conducted billing, quality of care, and compliance-related investigations, including a comprehensive, high-profile investigation.-Served as compliance representative, acting as main department liaison for outpatient rehabilitation agency line of business; provided compliance guidance on division policies and procedures. Audit-Executed Conditions of Participation (CoP) audits at outpatient rehabilitation agencies.-Audited clinical records to uncover any compliance-related concerns or discrepancies. Show less Compliance Investigations & Risk Assessment -Led investigations of potential privacy breaches, responding to Office for Civil Rights and working with outside counsel on major breach investigations.-Executed privacy and security risk assessments and ongoing compliance monitoring activities.Training & Education -Conducted trainings at sites that had experienced significant breaches, educating personnel on responsibilities and policy requirements.-Directed and facilitated company-wide privacy and security trainings. Show less

  • Senior Director of HIPAA and Regulatory Affairs

    Jan 2014 - Dec 2017

  • Director of Compliance, Home Health and Hospice

    Apr 2013 - Dec 2014

  • Senior HIPAA Analyst

    May 2010 - Apr 2013
• 

  Healogics, Inc.

  Dec 2017 - Nov 2019

  Vice President of Compliance

  Leadership & Program Management-Oversee 2 direct and 4 indirect reports, including the Director of Compliance and Compliance Manager; assist in the annual $3M departmental budgeting process.-Manage company privacy program; enforce compliance with privacy regulations under HIPAA and state laws through protection of health information, thorough investigations, and accurate reporting. -Co-lead company compliance program with responsibility over education and training, communication, governance, written standards, and corrective actions. -Develop, implement, and administer Code of Conduct and associated policies and procedures. -Research and obtain up-to-date information on changes in laws, rules, regulations, enforcement agency initiatives, and case law developments. -Conduct investigation interviews and oversee teams of investigators on privacy and general compliance investigations.Training & Education-Develop and execute company compliance education curriculum for new hires and ongoing annual trainings on topics such as Code of Conduct; False Claims Act; referral laws; gifts and gratuities; medical documentation; non-discrimination in healthcare; conflicts of interest; and privacy and security.-Educate staff on compliance developments; provide and maintain multiple channels for reporting suspected non-compliance, including a third-party vendor hotline, email account, and web portal.Collaboration & Communication-Attend governance committee meetings; present to upper management, consisting of the entire C-suite.-Present on a frequent basis, including to the Board of Directors on compliance reporting and at regional meetings to the field management team.-Assist in the development and implementation of the annual compliance plan and perform risk assessment.-Collaborate with internal departments to promote implementation and monitoring of internal corrective action plans and ensure timely and orderly compliance violation investigations and reporting. Show less

• 

  Amedisys

  Nov 2019 - now

  Vice President, Privacy Officer