HIPAA Compliance Assessor/Consultant (Remote, Part-Time)

TestPros•Sterling, VA

6d•Remote

About The Position

TestPros is seeking a HIPAA Compliance Assessor / Consultant to support independent assessments of HIPAA compliance. This role will evaluate how websites, apps, or platforms collect, use, and protect user data, with a focus on minors/children. TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.

Requirements

5+ years of experience with HIPAA Assessments and Reporting
5+ years of experience with HIPAA guidelines, such as: NIST Special Publication 800-66 Rev. 2: Implementing the HIPAA Security Rule, NIST Cyber Security Framework to HIPAA Security Rule Crosswalk, Health Information Trust Alliance (HITRUST)
Hands-on experience conducting: Privacy assessments / audits, PIA / DPIA
Strong understanding of: Data flows & data lifecycle, User data handling in web/mobile applications
Experience reviewing: Consumer-facing systems (apps, websites), Consent, transparency, and privacy controls
Ability to translate regulations into practical findings and recommendations

Nice To Haves

Background in GRC, cybersecurity, or product compliance
Certifications such as: CIPP, CIPM, CISM, or similar

Responsibilities

Identify Electronic Protected Health Information (ePHI): Locate all systems holding sensitive data.
Identify Threats and Vulnerabilities: Determine potential, reasonably anticipated threats.
Assess Security Measures: Evaluate current safeguards.
Determine Likelihood and Impact: Evaluate the probability and impact of potential breaches.
Document and Prioritize Findings: Create the formal report and risk mitigation plan.