Privacy Officer

About The Position

Requirements

• Five (5) years of professional experience in privacy compliance
• Two (2) years of direct experience in HIPAA compliance
• Knowledge and demonstrated experience with NIST, Federal Information Security policies/requirements, HIPAA, and other related State and Federal information privacy laws, security laws, and breach notification laws
• A minimum of Bachelor’s degree in information technology, health information management; or equivalent work experience

Nice To Haves

• Certified in Healthcare Privacy and Security (CHPS) or equivalent certification

Responsibilities

• Ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Security Rule
• Develop, implement, and maintain privacy policies and procedures
• Stay current with Federal and State privacy laws and regulations affecting Medicaid programs
• Provide ongoing training and education to staff and contractors about privacy policies, procedures, and best practices
• Foster a culture of privacy and security for our customers.
• Investigate and respond to potential privacy breaches, including risk assessments and breach notification to affected individuals, regulators, and other required parties
• Maintain thorough documentation of privacy incidents and agency response actions
• Conduct regular risk assessments and audits to identify vulnerabilities and ensure the effectiveness of privacy controls
• Recommend and implement corrective actions as needed
• Oversee and respond to requests from Medicaid Agency regarding individual’s rights under HIPAA (e.g., access to records, amendments, accounting of disclosures)
• Ensure proper mechanisms are in place to address complaints and concerns from individuals about their PHI
• Serve as the primary point of contact for privacy matters with internal staff, Medicaid members, contractors, and regulators
• Work closely with IT, legal, compliance, and other departments to align privacy efforts across the Agency
• Ensure all privacy-related documentation is accurate, up to date, and retained according to policy
• Provide regular reports to Agency leadership on privacy compliance status, incidents, and improvements
• Ensure that contracts with Suppliers and business associates include appropriate privacy and security provisions
• Monitor third-party compliance with privacy requirements

Benefits

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award-winning culture of innovation and a military-friendly workplace
• variety of medical plan options, some with Health Savings Accounts
• dental plan options
• a vision plan
• a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• full flex work weeks where possible
• a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• 15 days of paid leave per calendar year to be used for vacations, personal business, and illness
• an additional 10 paid holidays per year.
• The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees.
• short and long-term disability benefits
• life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.