HIPPA Privacy Analyst

About The Position

Requirements

• Bachelor’s degree (required) in Health Information Management, Health Administration, Compliance, or related field (preferred), certification in Healthcare Privacy.
• Minimum of 3 years of experience in healthcare, healthcare compliance, privacy, or audit role.
• Basic math skills required. Ability to work with reports and numbers. Ability to calculate moderately complex figures and amounts to accurately report activities and budgets.
• Ability to apply common sense understanding to carry out simple one or two-step instructions. Ability to deal with standardized situations with only occasional or no variables.
• Use computer, printer, and software programs necessary to the position (i.e., Word, Excel, Outlook, and PowerPoint). Ability to utilize the Internet for resources.
• Conducts job responsibilities in accordance with the ethical standards of conduct, state contract, appropriate professional standards and applicable state/federal laws.
• Analytical skills, professional acumen, business ethics, thorough understanding of continuous improvement processes, problem solving, respect for confidentiality, and excellent communication skills.
• In-depth knowledge of HIPAA Privacy and Security Rules, and breach notification requirements.
• Experience using MyAvatar EMR system.
• Strong analytical skills with experience conducting audits and investigations.
• Excellent written and verbal communication skills.
• Excellent organizational skills with the ability to prioritize workflow and meet deadlines.
• Ability to handle multiple tasks and special projects simultaneously.
• Ability to work independently and collaboratively across departments.
• High attention to detail and strong organizational skills.

Nice To Haves

• Familiarity with healthcare laws, regulations, and standards is a plus.

Responsibilities

• Auditing and Monitoring: Conduct regular and targeted audits of medical records, with a focus on privacy compliance, including use and disclosure of PHI. Conduct site assessments monitoring activities related to privacy. Work Collaboratively with department stakeholders for operational needs and compliance with local, state and federal regulations. Utilize MyAvatar to monitor access and activity logs, identify potential unauthorized access, and ensure proper documentation. Prepare and present audit findings to leadership, including recommendations for corrective action.
• Investigations: Investigate complaints and potential breaches of patient privacy, including inappropriate access or disclosure of PHI. Document findings and support the breach determination process, including risk assessments and breach notification decisions.
• Training and Education: Develop and present HIPAA and privacy training for newly hired and annual refresher training for all employees. Customize training modules based on audit findings and regulatory changes. Provide targeted education sessions following policy violations or compliance gaps.
• Compliance Program Support: Lead or assist in organizing Compliance and Ethics Week events and educational activities. Review and update privacy policies and procedures to ensure ongoing compliance with regulatory requirements. Maintain awareness of updates to HIPAA and other relevant privacy regulations and ensure implementation of necessary changes.
• Breach Notification and Policy Enforcement: Assist in coordinating timely and compliant breach notifications to affected individuals, regulatory bodies, and business partners. Maintain breach logs and assist in preparing reports for internal leadership and external agencies as required.
• Performs other duties as assigned.

Benefits

• Medical/Dental/Vision
• Paid Time Off
• Paid Holidays
• Employee Assistance Program
• Retirement Plan, including employer matching
• Health Savings Account, including employer matching
• Professional Development allowance up to $2000 per year
• Bilingual Stipend – 6% of the base salary
• Many other benefits