Privacy Officer, Principal

Date:  Mar 9, 2023

Any city, TX, US, 99999

Req ID:  15903


This position shares responsibility for overseeing Gainwell’s corporate privacy program, providing compliance guidance to business and operations leadership at Gainwell accounts in 50 states and territories. 

Gainwell clients are highly regulated covered entities with comprehensive privacy and security needs.  This position will lead and contribute to privacy activities throughout Gainwell, including policies and procedures, quality improvement projects, incident investigations, risk assessment activities, monitoring and audits, and staff member training. This position reports to Gainwell’s Corporate Privacy Officer.

Your Role In Our Mission:

  • Subject matter expert for HIPAA Privacy regulations, including OCR and NIST privacy guidance and controls.
  • Investigate and report on privacy-related incidents. Conduct risk assessments to determine impact of incidents. Drive compliance with federal and state reporting requirements.
  • Continuously monitor and review regulatory updates and developments, including federal and relevant state regulations.
  • Provide guidance and documentation in audit and review response activities, including SOC, NIST, HITRUST, and MARS-E compliance frameworks.
  • Conduct monitoring assessments to ensure staff member compliance with privacy and security policies and procedures.
  • Author and maintain documentation supporting HIPAA compliance including privacy policies, health information management procedures, incident response plans, and related controls and documentation.
  • 24/7 availability to address privacy and security emergency incidents as they may affect company and client operations.
  • Provide guidance and assistance to business leaders and clients in handling privacy-related requests from auditors and regulatory agencies, including OCR and state regulators.
  • Support and contribute to corporate privacy initiatives, documentation, and training as requested by the Corporate Privacy Officer.
  • Provide guidance and input into Gainwell technology and applications, including privacy-by-design principles.
  • Develop quarterly and annual reports on incidents and privacy program activities using Gainwell’s incident management system.
  • Act as the primary backup for Gainwell’s Corporate Privacy Officer.

The above list of core responsibilities for the Account Privacy Officer position is not all-inclusive.  The Principal may perform additional duties as needed to support Gainwell or client account needs.

What We're Looking For:

  • A minimum of 7 years' experience in healthcare privacy activities, which includes overseeing the establishment, implementation, and adherence to corporate policies on privacy, confidentiality, and release of information; experience developing, conducting, and reporting privacy risk. An attorney licensed in at least one state with 4 years of healthcare privacy experience meets this qualification.
  • Possess and maintain privacy certification from HCCA, IAPP, AHIMA, or equivalent. CIPP / CIPM preferred.
  • Experience in healthcare payer setting or in a state or federal agency is desired.

What To Expect In This Role:

  • Remote work

Salary For This Role:

  • 107k - 154k annually depending on experience. 

