Back to Search New Search

Compliance Manager

Hallmark Minneapolis, MN

Job Description

At Hallmark Business Connections, we're a small, innovative, tight-knit team and we strive to cultivate a culture where excellence is recognized and celebrated, health and wellness are a priority, and fun comes with the territory.  You may be just the right person to help us make the business world a better place. And there's only one way to find out- apply now!




The Compliance Manager is responsible for HBC solution integrity by ensuring compliance with policies and regulations.  Protects the Hallmark brand by ensuring solution integrity, including conformance to regulations and client commitments.  This position is responsible for identifying, evaluating and reporting on HBC business risks in a manner that meets compliance and regulatory requirements, and aligns to the risk posture of the enterprise.  The position requires a leader with strong facilitation, coordination and execution skills coupled with expert-level knowledge of principles and technologies in enterprise risk management, data privacy, and compliance.  The position works closely with Hallmark Corporate Information Security and Internal Audit organizations to ensure HBC compliance with Hallmark policies and standards.



Facilitate (through HBC leadership) and monitor a comprehensive enterprise risk management and solution-integrity capability to ensure the integrity and confidentiality of information that is owned, controlled, or processed by the organization.  Collaborate with HBC IT, Operations, Finance, Client Engagement, and Marketing along with Hallmark Information Security, Internal Audit, and T&BE (IT).  Ensure HBC supplier/vendor solution integrity/quality data is maintained and accurate.


Hallmark and HBC Security and Privacy Policy Understanding and Adherence

  • Collaborate with Hallmark Information Security to understand Hallmark policies, align HBC practices, and communicate HBC plans and status relative to security/privacy expectations
  • Monitor organization compliance with HBC/Hallmark information security/privacy policies and procedures, working through HBC IT and Operations
  • Provide regular reporting on the current status of the  compliance function to HBC senior business leaders, Hallmark Information Security, and Hallmark Internal Audit


Industry Compliance

  • Ensure HBC compliance with requirements from relevant laws, standards, and regulations (e.g., PCI, HIPAA, GLBA)

    Client-Related Compliance

  • Ensure alignment between HBC practices and client contractual commitments, including ongoing compliance monitoring of Business Associate Agreements to ensure all privacy concerns, requirements, and responsibilities are addressed
  • Collaborate with the HBC CIO and Infrastructure Manager in responding to customer compliance requests, facilitating on-site audits, and in completing security questionnaires


HBC Operational Audits/Controls

  • Lead HBC SOC2/HITRUST audits
  • Coordinate internal audits



  • Coordinate regular formal and informal cyber-security awareness education (e.g., phishing scams)
  • Ensure compliance with formal Hallmark information-security training
  • Administer formal information-related industry training (e.g., HIPAA, FDR, FWA)


Data Handling and Compliance

  • Data retention and destruction Enforce HBC policy, ensuring adherence and aligning to client contracts (especially pertinent know with exit from health/wellness points programs)
  • PCI, PII, PHI Collaborate with HBC IT (data architect, DBA, EA) to document and manage workflows, paying particular attention to PHI and PII; stay on top of requirements of this data (state laws, data-management requirements and certifications), document data flows, and ensure the proper training and execution for this level of data management



To be considered an applicant for this position you must show how you meet the basic qualifications of the job in a resume or document you upload, or by completing the work experience and education application fields.  Accepted file types are Microsoft Word (DOC or DOCX), PDF, HTML, or TXT.  Individual file size attachment limit is 10 MB.


In compliance with the Immigration Reform and Control Act of 1986, Hallmark Cards, Inc. and its subsidiary companies will hire only individuals lawfully authorized to work in the United States. Hallmark does not generally provide sponsorship for employment. Employment by Hallmark is contingent upon the signing of the Employment Agreement, signing of an agreement to arbitrate in connection with the Hallmark Dispute Resolution Program, completing Form I-9 Employment Eligibility Verification, passing the urinalysis drug screen, education verification and satisfactory reference and background checks.



  • Bachelor's Degree
  • Minimum 10 years of experience in a combination of enterprise risk management, data privacy, compliance, or information security



  • MBA Degree
  • Experience leading an organization in identifying, developing, implementing and maintaining business and technology processes to manage information-related risks
  • Knowledge of legal and regulatory requirements, such as Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard
  • Experience meeting PCI, PII and PHI requirements
  • Experience with audits, such as SOC 2


Hallmark Business Connections is an equal opportunity employer.  All qualified applicants will be considered for employment without regard to race, color, religion, sex, age, pregnancy, national origin, physical or mental disability, genetics, sexual orientation, gender identity, veteran status, or any other legally-protected status.  Principals only please.

Job Details

Date Posted August 7, 2017
Date Closes September 6, 2017
Requisition 416259100
Located In Minneapolis, MN
SOC Category 00-0000.00

This job is related other jobs in these career categories