Privacy, Risk, and Compliance Manager

Healthcare Systems of America
Coral Gables, FL

About The Position

The Privacy, Risk, and Compliance Manager is responsible for developing, implementing, and maintaining privacy and compliance frameworks to protect sensitive health information across the healthcare organization. This role ensures alignment with HIPAA, HITECH, and other federal and state healthcare privacy regulations. The Manager works cross-functionally with departments including IT, Legal, Clinical Operations, and HR to identify and mitigate risk while promoting a culture of compliance.

Requirements

  • Bachelor's degree in Healthcare Administration, Information Security, Law, or a related field.
  • Minimum 5 years of experience in healthcare privacy, risk management, or compliance roles.
  • In-depth knowledge of HIPAA, HITECH, and applicable federal/state healthcare privacy laws.
  • Experience conducting audits, risk assessments, and regulatory reporting in a healthcare environment.
  • Excellent organizational, communication, and cross-functional collaboration skills.

Nice To Haves

  • Professional certifications: CHPC, CIPP/US, CIPM, CISM, or CRISC.
  • Experience with healthcare compliance tools such as OneTrust, ServiceNow, or Archer.
  • Background in working with hospitals, clinics, or health systems.
  • Familiarity with EMR/EHR systems (e.g., Epic, Cerner).

Responsibilities

Privacy Program Management

  • Develop, maintain, and enforce HIPAA-compliant privacy policies and procedures.
  • Conduct Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
  • Ensure organizational compliance with HIPAA, HITECH, and applicable state healthcare privacy laws.
  • Lead privacy education and training programs for clinical and administrative staff.

Risk & Compliance Oversight

  • Lead and manage the organization's enterprise risk management (ERM) program.
  • Conduct vendor risk assessments for third-party healthcare service providers and business associates.
  • Coordinate internal audits and prepare for external healthcare regulatory assessments (e.g., OCR, Joint Commission).
  • Track and report remediation activities for identified risk and compliance gaps.

Incident Response & Investigation

  • Act as the privacy SME in response to data breaches or suspected privacy incidents.
  • Collaborate with IT Security, Legal, and affected departments to ensure appropriate resolution and reporting.
  • Coordinate breach notification processes in accordance with the HIPAA Breach Notification Rule.

Reporting & Governance

  • Maintain audit logs and documentation for regulatory compliance.
  • Generate risk and compliance reports for executive leadership and compliance committees.
  • Monitor and report privacy and compliance KPIs across the healthcare network.

Benefits

  • Career Growth & Development - We are an essential, stable, and growing company with many opportunities for training and advancement within the medical field, open to all employees and team members.
  • Supportive & Inclusive Culture - We foster an environment where every team member is valued, heard, and empowered to succeed.
  • Meaningful Work - Every day, you'll contribute to patient care, cutting-edge medical solutions, and life-changing treatment and technologies.