Legal Risk Manager Jobs in Oregon (NOW HIRING)

We are Emerus, the leader in small-format hospitals. We partner with respected and like-minded health systems who share our mission: To provide the care patients need, in the neighborhoods they live, by teams they trust. Our growing number of amazing partners includes Allegheny Health Network, Ascension, Baptist Health System, Baylor Scott & White Health, ChristianaCare, Dignity Health St. Rose Dominican, The Hospitals of Providence, INTEGRIS Health, MultiCare and WellSpan. Our innovative hospitals are fully accredited and provide highly individualized care. Emerus' commitment to patient care extends far beyond the confines of societal norms. We believe that every individual who walks through our doors deserves compassionate, comprehensive care, regardless of their background, identity, or circumstances. We are committed to fostering a work environment focused on teamwork that celebrates diversity, promotes equity and ensures equal access to information, development and opportunity for all of our Healthcare Pros.

The VP, Compliance & Risk Management provides enterprise leadership for the organization's compliance program and risk management strategy. This role designs and oversees a comprehensive framework to prevent, detect, and respond to regulatory, legal, accreditation, privacy, and operational risks; partners with clinical and business leaders to strengthen controls; and supports a culture of ethics, patient safety, and accountability. The VP serves as a trusted advisor to executive leadership and leads program reporting, investigations, and continuous improvement across the Company.

• Enterprise compliance program leadership: Develop, implement, and continuously improve the compliance program, policies, and procedures; align to OIG/CMS expectations and industry best practices.
• Risk management strategy: Establish and maintain an enterprise risk management approach that identifies, assesses, mitigates, and monitors key risks (clinical, operational, financial, regulatory, and reputational).
• Regulatory readiness and oversight: Assist with federal/state surveys, audits, and oversight activities.
• Investigations and case management: Oversee intake, triage, and investigation of hotline reports, complaints, and potential violations; ensure consistent documentation, confidentiality, root cause analysis, and corrective action.
• Privacy and security partnership: Partner with Privacy and Information Security leaders on HIPAA/privacy incident management, breach risk assessments, mitigation plans, and required notifications.
• Audit, monitoring, and controls: Build and manage a risk-based annual work plan; oversee auditing and monitoring activities (e.g., EMTALA, billing/claims, documentation, patient rights, conflicts of interest) and track trends and outcomes.
• Corrective and preventive actions: Drive development, implementation, and verification of corrective action plans; define owners, milestones, and effectiveness measures.
• Education and culture: Design and oversee compliance and risk training; promote speak-up culture, non-retaliation, and operational integration of compliance requirements.
• Governance and reporting: Prepare and present compliance/risk metrics, significant matters, and program updates to executive leadership, committees, and Boards; advise on risk tolerance and escalation decisions.
• Policy management: Oversee development, review, and maintenance of compliance and risk-related policies, standards, and guidance; ensure policies are operationalized and accessible.
• Vendor/third-party risk coordination: Collaborate on third-party due diligence and contracting controls impacting compliance, privacy, and security obligations.
• Litigation management support: In partnership with Legal and Risk, coordinate intake and tracking of litigation matters impacting the organization; support document retention and legal holds, discovery readiness, and collection of records; monitor trends, reserves/exposure (as appropriate), and remediation actions to reduce future risk.
• Claims and litigation partnership: Partner with Legal, Quality/Patient Safety, and insurance partners on claim trends, event investigations, and risk mitigation strategies (as applicable to the organization).
• Leadership: Recruit, develop, and lead a high-performing team; establish goals, performance expectations, and a continuous improvement mindset.

Key Competencies

• Ethical leadership and sound judgment
• Risk-based prioritization and program management
• Investigation skills, interviewing, and documentation discipline
• Data-driven reporting (metrics, trending, dashboards)
• Change management and stakeholder influence
• Strong collaboration with clinical, operational, legal, HR, finance, and IT partners
• Ability to translate regulations into workable processes

• Attend staff meetings or other company sponsored or mandated meetings as required
• Travel as necessary to support investigations, regulatory deadlines, or critical events
• Perform additional duties as assigned
• Ability to work off-hours and on call when required to support investigations, regulatory deadlines, or critical events

• Bachelor's degree in healthcare administration, public health, risk management, law, or a related field (or equivalent experience).
• 10+ years of progressive experience in healthcare compliance and risk management (hospital, health system, or comparable regulated healthcare environment).
• Demonstrated knowledge of healthcare regulatory requirements and enforcement expectations (e.g., HIPAA/privacy, EMTALA, fraud/waste/abuse, billing/claims compliance, patient rights, accreditation/survey readiness, incident reporting).
• Experience leading investigations, audits/monitoring, and corrective action plans with measurable outcomes.
• Proven executive presence and ability to influence senior leaders and clinicians through clear, practical guidance.
• Strong written and verbal communication skills, including Board-level reporting.
• Ability to handle sensitive matters with discretion and maintain confidentiality.

• Master's degree (e.g., MHA, MPH, MBA, MSN, JD).
• Professional certification(s) such as CHC, CHPC, CHRC, CCEP, CPHRM, or equivalent.
• Experience supporting multi-state operations and joint venture or partnership models.
• Experience implementing or maturing an enterprise risk management (ERM) framework and related governance.
• Experience partnering with Information Security on security incidents and vendor risk practices.