Navitus Health Solutions, LLC

Analyst, Healthcare Compliance - Archimedes

Location: US-TN-Brentwood
ID: 2025-5002
Category: Archimedes
Position Type: Full-Time
Remote: No

Company

Archimedes

About Us

Archimedes - Transforming the Specialty Drug Benefit - Archimedes is the industry leader in specialty drug management solutions. Founded with the goal of transforming the PBM industry to provide the necessary ingredients for the sustainability of the prescription drug benefit – alignment, value and transparency – Archimedes achieves superior results for clients by eliminating tightly held PBM conflicts of interest including drug spread, rebate retention and pharmacy ownership and delivering the most rigorous clinical management at the lowest net cost.

Current associates must use SSO login option at https://employees-navitus.icims.com/ to be considered for internal opportunities.

Pay Range

USD $0.00 - USD $0.00 /Yr.

Work Schedule Description (e.g. M-F 8am to 5pm)

Our Core Business Hours

Overview

The Analyst, Healthcare Compliance is responsible for ensuring Archimedes’ operations, systems, and processes maintain continuous adherence to healthcare regulatory frameworks and industry standards, including HIPAA, SOC 2, and NCQA accreditation requirements. This role supports enterprise-wide compliance activities by coordinating audits, maintaining documentation, monitoring adherence to policies, and partnering with IT, Security, Operations, and external auditors to preserve an audit-ready posture. Operating within a compliance-first, healthcare-focused environment, the Analyst, Healthcare Compliance executes risk assessments, enforces data governance standards, and provides regulatory oversight for both internal operations and client-facing systems. The position develops and maintains compliance reporting, manages evidence collection, and supports remediation of gaps identified during internal or external audits.


In addition, this role acts as a liaison between compliance, IT, and business stakeholders to translate regulatory requirements into business processes and system controls. While compliance is the core responsibility (~75%), the role also contributes as a business analyst (~25%) by documenting workflows, gathering requirements for compliance-driven initiatives, and supporting the design of solutions that align business efficiency with regulatory obligations. The Analyst, Healthcare Compliance ensures Archimedes remains aligned with best practices for information security, privacy, and operational excellence in a highly regulated healthcare environment.

Responsibilities

Job Responsibilities:

  • Maintain audit readiness for SOC 2 Type II, HIPAA, and NCQA by coordinating evidence collection, tracking controls, and preparing documentation.
  • Conduct and support internal audits, risk assessments, and remediation planning to close identified compliance gaps.
  • Draft, review, and update compliance policies and procedures; ensure alignment with HIPAA Privacy & Security Rules and SOC 2 control requirements.
  • Monitor compliance dashboards, audit logs, and control evidence to ensure timely execution of control activities.
  • Partner with external auditors, regulators, and accreditation bodies during reviews, providing required documentation and responses.
  • Support vendor due diligence and Business Associate Agreement (BAA) compliance reviews; maintain third-party risk documentation.
  • Collaborate with IT Security to ensure identity/access controls, endpoint protections, and data governance align with HIPAA and SOC 2.
  • Track regulatory changes (HIPAA, HITECH, NCQA, state/federal healthcare regulations) and assess organizational impact.
  • Deliver compliance training and awareness programs for employees, contractors, and vendors.
  • Support incident response activities, including investigation, documentation, and reporting of potential PHI breaches or compliance events.
  • Partner with stakeholders to gather requirements for compliance-driven initiatives (e.g., secure data integrations, PHI workflows, audit reporting).
  • Document processes, workflows, and use cases that demonstrate compliance alignment for IT and operational teams.
  • Translate compliance obligations into system requirements and specifications for IT/security implementation.
  • Participate in UAT (User Acceptance Testing) and system validation to ensure compliance-related requirements are met.
  • Develop compliance-related reporting dashboards (e.g., audit status, control evidence, incident tracking).
  • Support SOC 2 and HIPAA audit readiness, documentation, and remediation activities.
  • Maintain knowledge base documentation, SOPs, and internal IT training resources.
  • Participate in change management, incident response, and problem management processes in alignment with Compliance best practices.
  • Participate in, adhere to and support compliance and diversity, equity, and inclusion program objectives.
  • Other duties as assigned.

Qualifications

Essential Background Requirements:

  • Education: Bachelor’s degree in Healthcare Administration, Compliance, Business, Information Systems, or related field required.
  • Certification/Licenses:
    • Certified HIPAA Privacy or Security Professional (CHPC, CHC, or equivalent).
    • Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC).
    • NCQA compliance program training/certification (preferred).
    • ITIL Foundation, CompTIA Security+, or equivalent compliance/security certifications beneficial.
  • Experience:
    • 3-5 years of compliance or audit experience in healthcare, PBM, pharmacy, or related regulated environment.
    • Strong knowledge of HIPAA Privacy & Security Rules, SOC 2 Trust Service Criteria, and NCQA accreditation standards.
    • Experience supporting internal and external compliance audits, risk assessments, and remediation efforts.
    • Familiarity with IT security principles, privacy frameworks, and vendor risk management.
    • Exposure to business analysis practices: requirements gathering, process documentation, and workflow mapping.
    • Working knowledge of IT security principles, compliance frameworks (SOC 2, HIPAA), and endpoint protection tools.
    • Skills & Technologies:
      • Compliance Frameworks: HIPAA, SOC 2, NCQA, HITECH, GDPR (preferred).
      • Audit & Risk Tools: GRC platforms, compliance management systems, or audit tracking tools.
      • Data Governance: Evidence collection, access control reviews, PHI/PII data handling practices.
      • Business Analysis Tools: Jira, Confluence, Visio, Lucidchart, or equivalent for workflows/requirements.
      • Reporting & Analytics: Power BI, Excel, or equivalent tools for compliance dashboards and evidence tracking.
      • Security & Privacy Practices: Access management, incident response, vendor compliance, privacy impact assessments.

Location : Address

5250 Virginia Way Ste 300

Location : City

Brentwood

Location : State/Province

TN

Location : Postal Code

37027

Location : Country

US
