Senior Privacy Analyst (Oversight and Monitoring) - Remote

About The Position

Requirements

• Bachelor’s degree in Business, Healthcare, Political Science, Legal, or Juris Doctor or related area of study; or equivalent combination of education and/or relevant work experience; HS diploma or GED is required
• 5 years of experience working within a legal or compliance role, or in a project or program coordination role within a highly regulated industry
• 1 year of experience working with HIPAA and state or federal privacy laws
• Must be eligible to work in the United States without need for work visa or residency sponsorship
• Strong verbal and written communication skills, with the ability to build rapport, influence stakeholders, and present complex privacy concepts to diverse audiences
• Strong attention to detail; organizational and time management skills
• Demonstrated process improvement experience
• Demonstrated ability to interpret and apply ambiguous, evolving, or overlapping regulatory requirements and translate them into practical, risk based guidance for business partners
• Ability to analyze how data moves through technical and operational processes and identify privacy risk points
• Experience performing secondline oversight, monitoring, or independent review of privacy controls, assessments, or operational practices
• Demonstrated ability to apply critical thinking skills and problem solve through difficult situations
• Experience establishing and maintaining key relationships internally and externally, at all levels of an organization

Nice To Haves

• Healthcare, Pharmacy Benefit Management (PBM) or other managed care work experience
• Master’s degree or other advanced education in Business, Healthcare, Political Science, Legal, or related area of study
• Certified Information Privacy Professional (CIPP), Certified Information Privacy Technologist (CIPT), Artificial Intelligence Governance Professional (AIGP) or Certified Information Privacy Manager (CIPM)
• Certified Compliance and Ethics Professional (CCEP), Certified Healthcare Compliance Professional (CHC) or Certified Healthcare Privacy Compliance (CHPC)
• Project management experience and/or Project Management Professional (PMP) certification

Responsibilities

• Collaborate with Privacy leadership, Clients and internal business partners to ensure Prime possesses the appropriate privacy materials; facilitate ongoing maintenance of these materials to ensure alignment to current practice, industry trends and regulatory changes
• Perform ongoing oversight and monitoring of Prime’s privacy program and business operations through the execution of HIPAA compliance assessments, review of privacy impact assessments, and performance of related monitoring activities
• Research applicable federal and state privacy laws (e.g. TCPA, HIPAA Privacy Rule, CAN-SPAM, state consumer privacy/health record laws) and assesses impact to Prime operations; support business areas in operationalizing compliance with such laws
• Develop and oversee corrective action plans in coordination with Privacy leadership and key Privacy team members, business areas, and vendors
• Serve as a privacy subject matter expert, advising business areas and project teams on privacy requirements, riskbased interpretations, and implementation considerations
• Provide oversight of thirdparty privacy risk management by reviewing vendor privacy assessments, identifying risk issues, and supporting remediation and ongoing monitoring activities
• Support the development, implementation, and ongoing enhancement of Prime’s AI governance framework, including assessment of privacy risks and regulatory considerations associated with AI use cases
• Collaborate with Legal, Privacy leadership and others in the development, implementation, and maintenance of privacy policies, procedures and other privacy documentation; develop privacy guidance and tools; evaluate and fulfill the privacy training requirements across the organization
• Monitor and manage the receipt, documentation, tracking, investigation and resolution for complaints concerning Prime’s privacy policies and procedures; collaborate with Compliance, Legal counsel and business areas to gather information, recommend solutions and ensure the appropriate action is taken to resolve and close the issue
• Support the intake and resolution of complex privacy incidents and complaints involving potential inappropriate use or disclosure of PHI; collaborate with business partners to recommend and ensure implementation of corrective action to support efforts to prevent future incidents
• Monitor Prime’s compliance with privacy practices and facilitate consistent application of sanctions for failure to comply with privacy policies; collaborate with the Privacy and Security teams, Human Resources, and Legal Counsel as applicable to ensure individual and organizational adherence to privacy obligations
• Participate in Privacy Champion program, committee and team meetings in support of business or privacy requirements
• Develop and maintain positive Client relationships proactively addressing any potential areas of concern

Benefits

• To review our Benefits, Incentives and Additional Compensation, visit our Benefits Page and click on the "Benefits at a glance" button for more detail (https://www.primetherapeutics.com/benefits).