Privacy Officer

Date:  Sep 11, 2022

Any city, CA, US, 99999

Req ID:  13624


General oversight of privacy program related to HIPAA Privacy and Security rules and State privacy laws.  Act as the global single customer point of contact for security for large HealthCare customer accounts. This position will have responsibility for the HIPAA privacy compliance services, including escalations and incident investigations for the assigned account. It also provides leadership and governance for audit and compliance activities. Responsibilities will include attending meetings with all levels of customer management, recommending and influencing customer direction, reporting status of privacy improvements and investigations, leading global privacy projects and programs, handling client escalations, facilitating compliance reviews, and overseeing all remediation activities. 

The clients that will be supported by this position are highly regulated with comprehensive privacy and security needs.  This position will implement account-specific privacy programs, including policies and procedures, quality improvement projects, risk assessment activities, and staff member training. 

This position may also act as a trusted advisor to Gainwell Technologies’ clients and our client team in the areas of data privacy and security practices and documentation compliance. This position is required to provide an essential single point of contact, program management and controlled self-assessment, and to provide privacy, audit and regulatory-related subject matter expertise.

Your role in our mission

Essential Job Functions

  • Understanding of HIPAA Privacy and Security regulations and state/local privacy laws, including OCR and NIST privacy and security guidance and controls
  • Evaluate the day-to-day work conducted on the Client account and conduct risk assessments to determine impact.
  • Review Policy Compliance Management and investigate and report on privacy-related incidents.
  • Conduct monitoring assessments to ensure staff member compliance with privacy and security procedures and best practices.
  • Coordinate a full risk assessment every three years. Working knowledge of HIPAA Privacy and Security Rules including HITECH is required. Familiarity with NIST SP 800-53 is preferred.
  • Assist in conducting HIPAA new hire training and ongoing privacy training for staff.
  • Maintain all documentation supporting HIPAA compliance including Privacy and Security Manual, Risk Management Plan, Incident Response Plan, System Security Plan.
  • Work with the client during the annual disaster and recovery drill and other tabletop incident response exercises
  • 24/7 availability to address privacy and security emergency incidents as they may affect Gainwell and client operations.

This is the list of core responsibilities for the Account Privacy Officer and is not all-inclusive.  The Account Privacy Officer may perform additional duties as needed to support the HCI organization or the client account needs.  The Account Privacy Officer reports to the Corporate Privacy Officer.

What we're looking for

  • 5+ years’ experience in data privacy and security. Healthcare experience is required. State agency healthcare experience highly desired. 
  • Experience with emphasis in information security and regulatory or other compliance management.
  • Experience with risk management techniques. Demonstrated ability to link risk management practices to business needs.
  • Experience with health care environments and compliance planning and implementation.
  • Knowledge of regulatory compliance requirements including HIPAA/HITECH, and state law experience with privacy regulations in at least one state.

What you should expect in this role

  • You will be onsite at the office location 5 days per week.
  • The office is located in the Roseville/Sacramento area in California. 
