Privacy Investigations Compliance Analyst

About The Position

Requirements

• Associate’s degree in Business Administration, Public Health, Law, Healthcare, or related field required.
• One to three years of experience in healthcare compliance, privacy investigations, auditing, risk management, or legal support, or an equivalent combination of education and experience required.
• Proficiency in Microsoft O365 (Word, Excel, Outlook, SharePoint and PowerPoint) required.
• Incident tracking warehouse and learning management system (LMS) proficiency strongly preferred.
• Ability to manage multiple tasks and investigations in a fast-paced, collaborative, and cross-functional environment.
• Ability to remain organized and effectively manage competing priorities while meeting deadlines.
• Demonstrate high attention to detail with the ability to produce clear investigation documentation.
• Ability to adapt and learn new ideas and concepts quickly.
• Ability to support drafting of reports for presentation to management and executives.
• Ability to schedule, facilitate, and participate in investigative calls with internal/external stakeholders.
• Ability to exercise sound judgment, discretion, and confidentiality when handling sensitive information.
• Ability to use analytical skills and problem solve in team situations, including root cause analysis and trend identification.
• Ability to express ideas and convey information effectively in verbal and written communications.
• Ability to use multiple Vituity systems and understand their connections and impact.
• Knowledge of compliance principles, including Office of Inspector General Seven Elements.
• Knowledge of Healthcare systems, health plans, and/or physician groups.
• Knowledge of incident management and tracking.

Nice To Haves

• Bachelor's degree in a related field preferred.
• Experience supporting HIPAA privacy investigations in a healthcare, physician group, or hospital environment preferred.
• Certification in Healthcare Compliance (CHC) or Healthcare Privacy Compliance (CHPC) preferred.
• Knowledge of Health Insurance Portability & Accountability Act (HIPAA), HIPAA Security rules, Fraud Waste & Abuse, and Emergency Medical Treatment and Active Labor Act (EMTALA) preferred.
• Knowledge of Medicare and Medicaid guidelines preferred.

Responsibilities

• Serve as a primary point of contact for privacy incident and inquiry intake, triaging reports received through designated compliance channels and escalating appropriately.
• Conduct privacy investigations under established protocols, including fact gathering, interviews, documentation review, and coordination with internal and external stakeholders.
• Schedule, coordinate, and participate in investigative calls with partner hospitals, client compliance teams, physicians, and internal employees to obtain relevant information and clarify findings.
• Review data and logs and summarize information for use during interviews and investigative summaries.
• Maintain and update privacy incident and investigation tracking systems in Lighthouse, ensuring accurate, timely, and complete documentation.
• Prepare investigation summaries, findings, and recommendations for review by Compliance leadership and, as appropriate, Legal or Executive Leadership.
• Support incident response and breach risk assessments, and assist with determination of notification obligations in collaboration with Privacy/Compliance, Legal, and InfoSec teams.
• Perform routine quality reviews and content audits of investigation records to ensure consistency, accuracy, and regulatory defensibility.
• Assist with annual privacy risk assessments and contribute investigative data, trends, and insights to inform the Compliance Work Plan.
• Conduct privacy-focused audits and monitoring activities, including targeted reviews of user access logs, incident trends, recurring root causes, and adherence to privacy policies and procedures.
• Support proactive monitoring initiatives to identify emerging privacy risks, systemic issues, or control gaps.
• Track and monitor corrective action plans, documenting completion and effectiveness of remediation efforts.
• Prepare audit and investigation metrics, dashboards, and reports for compliance ethics committees, leadership, and client stakeholders.
• Identify opportunities for process improvement and standardization across privacy investigations and reporting workflows.
• Coordinate logistics for privacy-related meetings, including investigative calls, or other follow-ups.
• Provide analytical and administrative support to the Compliance Department, including calendar management, meeting documentation, and report development.
• Develop or update investigation templates or other standard operating procedures to support consistency and efficiency.
• Support compliance awareness and education initiatives by identifying investigation-driven themes or trends that may inform training or guidance.
• Act as a steward of Vituity’s ethical culture by consistently promoting privacy, confidentiality, and compliance principles.
• Participate in training and professional development to maintain and expand knowledge of privacy, investigations, and healthcare compliance.
• Assist with and support special requests or projects as assigned.
• Perform related duties as required.

Benefits

• Monthly wellness events and programs such as yoga, HIIT classes, and more
• Trainings to help support and advance your professional growth
• Team building activities such as virtual scavenger hunts and holiday celebrations
• Flexible work hours
• Opportunities to attend Vituity community events including LGBTQ+ History, Día de los Muertos Celebration, Money Management/Money Relationship, and more
• Superior health plan options
• Dental, Vision, HSA/FSA, Life and AD&D coverage, and more
• Top Tier 401(k) retirement savings plans that offers a $1.20 match for every dollar up to 6%25
• Outstanding Paid Time Off: 3-4 weeks’ vacation, Paid holidays, Sabbatical
• Student Loan Refinancing Discounts
• Professional and Career Development Program
• EAP, travel assistance, and identify theft included
• Wellness program
• Purpose-driven culture focused on improving the lives of our patients, communities, and employees