Manager Corporate Responsibility Privacy

About the position

The Privacy Manager is part of the privacy compliance team and supports general administration and management of the systemwide activities related to safeguarding patient and non-patient data sources. The Manager will be responsible for managing organizational initiatives, programs, and services that collect, access, use, disclose, and exchange information where data must be protected and in compliance with the various laws and regulations governing data privacy. The daily function of the Manager is identifying, reviewing, analyzing, tracking, managing, monitoring, and auditing various data privacy-related programs and activities systemwide to support regional and corporate efforts utilizing a risk-based and regulatory approach. The Manager will support the compliance department in standardizing the organization's data exchange, access control, and business associate programs to create pathways for centralized models and solutions.

Responsibilities

• Serves as the escalation point role for privacy audits and investigations where AdventHealth sends or exchanges data with business partners who are responsible for maintaining and protecting data in performing services on AdventHealth's behalf.
• Provide support in reviewing and managing system-wide policies and procedures related to privacy program activities.
• Provide support in developing and managing standard internal workflow processes and standard operating procedures (SOP) relating to privacy program activities.
• Serve as a resource for other teams to provide guidance for programs that receive, store, or exchange data in compliance with relevant federal and state data privacy protection laws exist and as applicable.
• Responsible for overseeing, managing and maintaining applicable databases and repositories for business associates and related agreements.
• Responsible for assisting with the development, evaluation, implementation and response to systemwide privacy auditing and monitoring activities.
• Responsibility for managing, documenting, and responding to data privacy and security risk assessments in support of the organizational initiatives and programs (e.g., NIST, HITRUST, Third-Party Risk Assessment programs, etc.).
• Perform privacy investigations in coordination with our business partners and other stakeholders in a confidential and professional manner.
• Conduct data analysis, interviews, and mitigation to inform the investigative process, which may include collaborating with other department stakeholders on implementing corrective action or process improvements to reduce or resolve privacy risk or data compromise.
• Perform a detailed analysis of investigative findings, breach risk assessment and document findings of all privacy investigations.
• As necessary, coordinate with other departments in providing regulatory guidance in support of data privacy protection activities that may arise within the department's respective program and services areas.
• Monitor key regulatory changes and activities impacting health care to inform compliance activities specific to data privacy protections.
• Responsible for performing, managing, and executing other duties as assigned.

Requirements

• Bachelor's degree
• 3 years of health care privacy experience
• Strong project management skills
• Strong working knowledge of computers
• Strong oral and written communication skills
• Strong knowledge of healthcare privacy laws and regulations (Example: HIPAA, HITECH Act)
• Ability to manage third party privacy and data security risk assessment relationships
• Strong analytical and problem-solving skills
• Strong ability to assess, analyze, interpret, and report data, metrics, and trends
• Ability to conduct and supervise audits and investigations and document findings
• Ability to evaluate audit and investigation findings to determine compliance with policy and regulations
• Ability to effectively handle patient concerns
• Proficient in Microsoft (Excel, Word, PowerPoint, OneDrive, etc.)
• Strong database management and administration skills
• Organizational and planning skills as well as the ability to handle multiple tasks simultaneously
• Ability to operate successfully in a constantly changing, fast-paced environment
• Ability to work independently and maintain a high level of confidentiality
• Certification in Health Care Privacy or certification within 1 Year

Nice-to-haves

• Master's or higher-level degree in related field

Benefits

• Benefits from Day One
• Career Development
• Whole Person Wellbeing Resources
• Mental Health Resources and Support