HIPAA Compliance Assessor/Consultant (Remote)
About The Position
TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 / CMMC Assessment and Compliance, HIPAA, Privacy, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer. TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure. Focus: HIPAA Assessment and Consultation Start: April 2026 Type: Part-time consulting Overview We are seeking a HIPAA Compliance Assessor / Consultant to support independent assessments of HIPAA compliance. This role will evaluate how websites, apps, or platforms collect, use, and protect user data , with a focus on minors/children .
Requirements
- 5+ years of experience with HIPAA Assessments and Reporting
- 5+ years of experience with HIPAA guidelines, such as: NIST Special Publication 800-66 Rev. 2: Implementing the HIPAA Security Rule NIST Cyber Security Framework to HIPAA Security Rule Crosswalk Health Information Trust Alliance (HITRUST)
- Hands-on experience conducting: Privacy assessments / audits PIA / DPIA
- Strong understanding of: Data flows & data lifecycle User data handling in web/mobile applications
- Experience reviewing: Consumer-facing systems (apps, websites) Consent, transparency, and privacy controls
- Ability to translate regulations into practical findings and recommendations
Nice To Haves
- Background in GRC, cybersecurity, or product compliance
- Certifications such as: CIPP, CIPM, CISM, or similar
Responsibilities
- Identify Electronic Protected Health Information (ePHI): Locate all systems holding sensitive data.
- Identify Threats and Vulnerabilities: Determine potential, reasonably anticipated threats.
- Assess Security Measures: Evaluate current safeguards.
- Determine Likelihood and Impact: Evaluate the probability and impact of potential breaches.
- Document and Prioritize Findings: Create the formal report and risk mitigation plan.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Part-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
1-10 employees
