Sr. Privacy Associate

Position Objective:

The Senior Privacy Associate supports the Privacy Officer in implementing and maintaining the organization’s privacy program. This role ensures compliance with HIPAA Privacy and Breach Notification rules, and other applicable privacy laws. This role will contribute to the maturity and maintenance of the organization’s Privacy program, support its strategic direction, and contribute to the day-to-day program operations.

Essential Job Duties:

1.                  Support the development, implementation, and continuous improvement and maintenance of the privacy program.

2.                  Monitor compliance with HIPAA Privacy, state privacy laws, and organizational policies.

3.                  Conduct periodic audits and risk assessments to ensure ongoing compliance and identify vulnerabilities.

4.                  Support Privacy investigations, documentation, and reporting of privacy incidents and breaches to regulators, as required and within reporting timeframes.

5.                  Develop and deliver HIPAA Privacy training to workforce members.

6.                  Research and analyze federal and state regulations with corresponding development of plans and recommendations for resolution/ implementation.

7.                  Draft and maintain Privacy policies, procedures, Notices of Privacy Practices and internal Standard Operating Procedures (SOPs).

8.                  Respond to Privacy inquiries and concerns within established timeframes.

9.                  Support the Business Associate Agreements (BAAs) review and assessment process.

10.             Track and report program metrics, incidents, and risk posture.

11.             Support the coordination of and participate in the Compliance and Privacy Committee.

12.             Stay current with privacy regulatory updates and enforcement trends.

13.             Participate in departmental and other meetings as requested.

14.             Conducts other tasks as assigned.

Educational/ Experience

Requirements:

•                    Bachelor’s degree in Law, Compliance, or related field.

•                    Minimum of 5 years of experience in healthcare privacy compliance.

•                    Strong understanding of HIPAA Privacy and Breach Notification Rules, and state health information privacy laws. Experience with GDPR and other privacy laws a plus.

•                    Experience conducting access audits and privacy investigations.

•                    Excellent organizational, analytical, and communication skills.

•                    Demonstrated ability to speak in public and educate employees on privacy related matters.

•                    Effectively utilizes e-mail and is proficient at using Microsoft Office applications.

•                    Professional certifications such as CHPC, CHC, CHPS, CIPP/US, or CIPM

•                    Excellent time management, planning and organization skills.

•                    Utilizes critical thinking skills to analyze various situations and provide possible solutions for issues.

•                    Sense of discretion in handling sensitive situations and highly confidential information.

•                    Must have ability for attention to detail and to work independently, efficiently but accurately.

•                    Initiative while being able to work independently, detail oriented and strong skills in personal diplomacy.

•                    Excellent customer service skills.

•                    Ability to prioritize and shift tasks as needed based on emergent criteria.

•                    Ability to work from an annual work plan and manage resources to complete the work plan in a timely manner.

Preferred:

•                    Experience with healthcare systems (Epic) and privacy compliance software (e.g., Bluesight, EthicsPoint).

•                    Legal or healthcare compliance background preferred.

Physical Demands:

•                    Able to view a monitor screen for extended periods.

•                    Able to lift 10-201bs unassisted

•                    Visual acuity and hand-eye coordination to perform various tasks

•                    Able to travel between locations and distant training sites as needed.

•                    Ability to sit working at computer terminal or stand for extended periods of time

•                    Ability to enter data using hand/wrist dexterity

•                    Ability to work extended hours if necessary

The physical demands and work environment that have been described are representative of those an employee encounters while performing the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions in accordance with the Americans with Disabilities Act.

Mental Demands:

•                    Must be able to function in a highly stressful environment.

•                    Responsible for problem-solving situations.

•                    Able to make independent decisions using sound judgement.

•                    Competent and confident in interpretation of requests from all levels of internal customers.

•                    Ability to provide clear written and verbal instructions.

•                    Ability to communicate effectively through written and oral media.

•                    Self-confidence to handle stressful, emergent, and dynamic work situations in a team environment often while managing multiple, concurrent, high- priority tasks.

•                    Persistence and attention to detail to produce high-quality, professional-looking work products and to continuously improve personal performance.

•                    Drive to self-motivate and set personal task priorities to best contribute to attainment of Luminis Health's mission, vision and values.

•                    Ability to exercise patience in all situations especially when communicating with strong personalities or aggravated persons (demonstrate strong customer service skills.)

The above job description is an overview of the functions and requirements for this position. This document is not intended to be an exhaustive list encompassing every duty and requirement of this position; your supervisor may assign other duties as deemed necessary.