The Privacy Analyst supports the activities of Alliance’s privacy program in developing and maintaining policies, procedures, and practices designed to ensure compliance with all State healthcare program requirements and Federal and State Privacy rules and standards.
This position will allow the successful candidate to work a hybrid schedule. Two days a week working onsite is required.
Responsibilities & Duties
Investigate Privacy and Confidentiality Incidents and Breaches
Assist Director of Privacy/Security and Privacy Analyst II with investigating, tracking, and resolving incidents and breaches
Communicate with staff and management as appropriate to collect all facts necessary for a thorough risk assessment and investigation
Utilize various investigative techniques, including investigative and administrative interviews, evidence collection, and regulatory research
Document investigative actions and findings in Compliance360
Develop audit and monitoring tools, as needed, to assist with investigations
Maintain high levels of confidentiality and integrity at all times
Provide notification of breaches to members within specified timeframes and under the guidance of the Director or Privacy Analyst II
Document and Provide Technical Assistance to Providers in Alliance Network
Document privacy and confidentiality complaints in appropriate system
Utilize standard responses or consult with Privacy Analyst II or Director to develop provider notifications
Notify provider(s) in writing of the potential violation, monitor, and follow up with the provider regarding any required compliance steps such as risk assessments, mitigation efforts, notification of affected individuals, and submission of reports to the Department or the US Department of Health and Human Services, Office of Civil Rights
Conduct Privacy Audits
Conduct recurring and/or ad hoc privacy audits
Develop audit protocol and audit tools as necessary
Perform detailed review of audited files, collect data, and document findings
Prepare audit reports, propose remediation, and submit to Director for review and approval
Monitor effective implementation of remediation plans
Disable workforce access at employment termination
Monitor Business Associates and Delegated Vendors
Monitor Alliance business associates’ and delegated vendors’ compliance with HIPAA
Utilize Compliance360 to enter business associate information and send questionnaires
Prepare report for review by the Director and Information Security Steering Committee
Conduct follow up as needed
HIPAA/Confidentiality Training
Assist Director and Privacy Analyst II in developing and disseminating annual and ad hoc HIPAA and Confidentiality training to employees
Conduct New Employee Orientation HIPAA and Confidentiality training bi-weekly or as assigned by the Director
Track post-test scores and ensure employees receive retraining when failing a post-test
Minimum Requirements
Education & Experience
Associate’s degree preferably in healthcare, public or business administration, social science or related field and five (5) years of experience in healthcare privacy compliance, regulatory analysis, auditing, investigating; or equivalent combination of education and experience
OR
Bachelor’s degree from an accredited college or university preferably in healthcare, public or business administration, social science or related field and three (3) years of experience in healthcare privacy compliance, regulatory analysis, auditing, investigating.
Must have demonstrated knowledge and experience in HIPAA privacy regulation and conducting/managing audits or investigations.
CLEAR certification required within one (1) year of employment.
Preferred: Knowledge of NC General Statutes, 42 CFR Part 2, and certified in Healthcare Privacy Compliance (CHPC) or similar certification.
Knowledge, Skills, & Abilities
Knowledgeable with Microsoft Office Suite
Ability to maintain confidentiality
Provide exceptional customer service
Ability to develop applicable policies and procedures
Self-starter with ability to meet strict deadlines
Excellent organizational skills and attention to detail
Knowledge of HIPAA, state and federal guidelines on privacy, and security
Interpersonal skills and demonstrated ability to work with diverse functional areas within and outside the organization.
Experience investigating and resolving incidents involving protected health information
Staff training specific to privacy and confidentiality
Ability to develop automated audit tools, databases and tracking tools desired
Ability to communicate effectively both verbally and in writing
Salary Range
$58,480 - $66,521/Annually
Exact compensation will be determined based on the candidate's education, experience, external market data and consideration of internal equity.
An excellent fringe benefit package accompanies the salary, which includes:
Medical, Dental, Vision, Life, Long Term Disability
Generous retirement savings plan
Flexible work schedules including hybrid/remote options
Paid time off including vacation, sick leave, holiday, management leave
