Privacy Associate

Position Objective:

The position of Privacy Associate is responsible for supporting the ongoing effort to ensure privacy and confidentiality of confidential business and personally identifiable information including protected health information (PHI) at Luminis Health. This position is responsible for performing and coordinating privacy access and audits following established processes, managing the intake and tracking of privacy requests throughout Luminis Health to ensure compliance with Federal and State laws including the Health Insurance Portability and Accountability Act (HIPAA), The Maryland Personal Information Protection Act (PIPA) and various other related regulatory and legal requirements.

The Privacy Associate will provide assistance and support with privacy investigations, developing staff education, and reviewing and maintenance of the Privacy Office department page on the intranet. The Privacy Associate will function under the direction of the Privacy Officer and will coordinate work efforts with team members and other departments as appropriate.

Essential Job Duties:

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

1. Runs pre-determined security audit reports per policy including use of software tools to support security audits. Identifies and investigates possible violations, contacts employees, department heads and HR as part of the investigative process. Fully documents the investigation process and outcomes.  Coordinates with IS to ensure all data feeds are functional.
2. Receives, reviews, and responds to requests from patients and workforce members. Logs request in tracking database, evaluates request, coordinates with other departments as necessary to track requests to completion, and notifies requester within policy determined timeframe and as necessary.
3. Recognizes reportable Privacy events and is highly aware of reporting timeframes. Ensures the Privacy Officer is made aware of reportable events in a timely manner.
4.  Conducts Privacy rounds (walk-through audits) at Luminis Health Entities to assess workforce members' compliance with established HIPAA safeguards. Documents findings and prepares reports with corrective action plans from the audits. Reports findings and observations in a clear manner, identifying high risk areas for further review.
5. Maintains knowledge of privacy issues and stays current on trends and developments in the privacy field.
6. Ensures the Privacy Officer is made aware of breaches or other reportable events in a timely manner.
7. If a large-scale breach is identified, follows policy for Breach Incident Notification and provides support to the Privacy Officer and the Incident Response Team as necessary. Completes immediate, and end of calendar year, breach reporting to the Department of Health and Human Services, Office for Civil Rights (OCR) as required. For all reportable incidents, tracks the OCR report number and maintains a copy of the report.
8. Prepares for and participates in the Luminis Health Compliance and Privacy Committee by providing updated trending reports and other supporting reports and information.
9. Completes projects as defined and assigned in the annual Work Plan
10. Participates in Departmental and other meetings as requested.
11. Any other assigned duties

Educational/Experience Requirements:

• A minimum of three years' experience in Privacy
• Associate degree or higher in a Health Related Field/Health Information Technology/Health information Management/ Legal or related field of study required. Bachelor's Degree preferred. At the hiring manager's discretion, candidates with a High School Diploma or equivalent plus a minimum of five years of privacy or compliance experience may be acceptable.
• Demonstrated proficiency in understanding and analyzing federal and state health care rules and regulations, particularly HIPAA, MODPA and MPIPA.
• Demonstrated ability to speak in public and educate employees on privacy related matters.
• Effectively utilizes e-mail and proficient at using Microsoft Office applications.
• Effective interpersonal, written, and verbal communication skills and ability to work with all levels of personnel, including senior leaders.
• Excellent time management, planning and organization skills.
• Utilizes critical thinking skills to analyze various situations and provide possible solutions for issues.
• Sense of discretion in handling sensitive situations and highly confidential information.
• Possess strong research and analytical skills in order to examine and extract relevant information while conducting compliance reviews and other assessments.
• Must have ability for attention to detail and to work independently, efficiently but accurately.
• Initiative while being able to work independently, detail oriented and strong skills in personal diplomacy.
• Excellent customer service skills

Required License/Certifications:

• Professional certification in Privacy such as Certified in Health care Privacy Compliance (CHPC), Certified in Healthcare Privacy and Security (CHPS), Certified Information Privacy Professional (CIPP), Healthcare Information Security and Privacy Practitioner (HCISPP), or other privacy credential by a recognized accrediting organization is preferred or must be obtained within one year of employment.

Physical Demands:

• Able to view a monitor screen for extended periods.
• Able to lift 10-201bs unassisted
• Visual acuity and hand-eye coordination to perform various tasks
• Able to travel between locations and distant training sites as needed.
• Ability to sit working at computer terminal or stand for extended periods of time
• Ability to enter data using hand/wrist dexterity
• Ability to work extended hours if necessary

The physical demands and work environment that have been described are representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions in accordance with the Americans with Disabilities Act.

Mental Demands:

• Must be able to function in a highly stressful environment.
• Responsible for problem-solving situations.
• Able to make independent decisions using sound judgement.
• Competent and confident in interpretation of requests from all levels of internal customers.
• Ability to provide clear written and verbal instructions.
• Ability to communicate effectively through written and oral media.
• Self-confidence to handle stressful, emergent, and dynamic work situations in a team environment often while managing multiple, concurrent, high- priority tasks.
• Persistence and attention to detail to produce high-quality, professional-looking work products and to continuously improve personal performance.
• Drive to self-motivate and set personal task priorities to best contribute to attainment of Luminis Health's mission, vision and values.
• Ability to exercise patience in all situations especially when communicating with strong personalities or aggravated persons (demonstrate strong customer service skills.)

The above job description is an overview of the functions and requirements for this position. This document is not intended to be an exhaustive list encompassing every duty and requirement of this position; your supervisor may assign other duties as deemed necessary.