Privacy Officer

				Overview:

UnityPoint Health is seeking a Privacy Officer to join our Compliance team! In compliance with the HIPAA Privacy Rule, the Privacy Officer will be responsible for privacy issues in one or more Markets, assisting in other Markets as needed, and participating in the implementation of a standardized privacy program applicable to the entire system. The responsibilities for this role include:

* Collaborating with the management team in the design, implementation, and monitoring of privacy initiatives to ensure adherence to patient privacy regulations/laws (e.g. HIPAA, Part 2, Mental Health state laws, etc.);
* Developing and overseeing appropriate privacy-related education for new employees and existing staff members; 
* Investigating suspected cases of improper privacy activity, misuse of data, mitigation, breach notification, education/training, and coordinate reporting to the applicable Compliance Committee as appropriate and recommend corrective steps.

If you enjoy working in Privacy, we would love for you to apply! A background or interest in privacy issues relating to the conduct of medical research is a plus! 

Location: Applicants must reside in the Midwest as there will be travel to UnityPoint Health's markets in Iowa, Illinois, and Wisconsin 

Hours: Monday-Friday, 8am-5pm 

Responsibilities:

* Work in collaboration with the System Privacy Officer and Market Information Security Officer to maintain the privacy and security program for assigned Market(s).
* Support other Market Privacy Officers by handling incidents and matters from other Markets to ensure equitable distribution of work.
* Establish subject matter expertise as requested by the System Privacy Officer to support the system-wide privacy program.
* Support standardization of the privacy program across Markets, including standardized training and policies.
* Participate in system-wide initiatives impacting privacy.
* Plan, execute and manage a variety of technical, investigative, and education-based projects as a key member of the Compliance Department.
* Respond to investigations and/or inquiries from regulatory agencies on privacy concerns including, but not limited to: the Office of Civil Rights, Attorney General, accreditation bodies, etc.
* Develop communication tools and vehicles to disseminate and update management and staff on privacy initiatives, related policies and procedures, and regulations.
* Serve as a resource to providers and team members in establishing methods to improve efficiency and reduce vulnerability to privacy issues.
* Ensure Markets have appropriate Business Associate Agreements in place and perform ongoing monitoring thereof.
* Work with the management team in the design, implementation and monitoring of the privacy program and initiatives to promote and ensure adherence to federal and state privacy laws and regulations.
* Develop and oversee appropriate privacy-related education for new employees and existing team members.
* Assist in the development and execution of a Privacy Auditing and Monitoring Plan. 
* Investigate suspected cases of improper privacy activity, coordinate reporting to the applicable regulatory bodies and Compliance Committee as appropriate, and recommend corrective steps. 
* Ensure compliance with privacy monitoring and documentation requirements. 
* Manage the process to receive, investigate, document, and respond to all privacy complaints. 
* Ensure process for compliance with patient rights(i.e. accounting of disclosures, request to amend, right to access, restrict use and disclosure, and specific remedial privacy training) 
* Collaborate with HR to ensure consistent application of sanctions for violations of privacy rules.
* Perform privacy walk-throughs and physical space assessments. 
* Work with the System Privacy Officer to ensure that the organization has and maintains appropriate privacy and confidentiality consents, authorization forms, privacy notices, privacy policies and procedures, and business associate agreements. 
* Prepare periodic reports to System Privacy Officer and leadership on status of privacy and security initiatives. 
* Participate in periodic enterprise-wide meetings related to privacy/security. 
* Support an environment of innovation, learning, teamwork, and professional practice, consistent with the mission, vision and values of the organization. 
* Provide resources to help ensure all organization services, policies and procedures follow agency standards, regulatory mandates, accrediting bodies and federal, state and local regulations as appropriate. 
* If delegated, function as the Identity Theft Prevention Officer. 
* Collaborate with other Market Privacy Officers in building strong relationships in areas of responsibilities. 
* Serve as a member or liaison to affiliate IRB as applicable.

Qualifications:

* Bachelor's degree + 5 years of Privacy experience or equivalent required
* Certification in Healthcare Privacy (CHPC), Certified HIPAA Professional (CHP), or Certified Information Privacy Professional (CIPP) preferred, must obtain within a year if not certified upon hire
* Experience within a large, complex healthcare organization and strong knowledge of federal and state privacy laws preferred
			

Apply

Share this job:

Share this Job

View company profile

UnityPoint Health