Cincinnati, Ohio
Durham, North Carolina
Posted: 14-Mar-23
Location: Altamonte Springs, Florida
Salary: Open
Categories:
Internal Number: 23003763
Description
All the benefits and perks you need for you and your family:
- Benefits from Day One
- Paid Days Off from Day One
- Career Development
- Whole Person Wellbeing Resources
- Mental Health Resources and Support
Our promise to you:
Joining AdventHealth is about being part of something bigger. It’s about belonging to a community that believes in the wholeness of each person, and serves to uplift others in body, mind and spirit. AdventHealth is a place where you can thrive professionally, and grow spiritually, by Extending the Healing Ministry of Christ. Where you will be valued for who you are and the unique experiences you bring to our purpose-minded team. All while understanding that together we are even better.
Schedule: Full Time
Shift: Monday - Friday
Location: Remote
The role you’ll contribute:
The Senior Privacy Analyst of Corporate Responsibility supports the Corporate Responsibility Privacy Manager in the management of the systemwide privacy program. As part of the Corporate Responsibility (CR) Privacy team, the Sr. Privacy Analyst works independently to conduct privacy investigations, perform audits, manage routine tasks, contribute to special project assignments, and facilitate educational sessions as directed. The Sr. Privacy Analyst will assist and manage various tasks necessary to ensure AdventHealth's ongoing compliance with the federal and state privacy and data protection laws and regulations and AdventHealth's policies and procedures. The Sr. Privacy Analyst must deliver outstanding customer service and accept responsibility for maintaining respectful and professional relationships at all times. The position may be performed remotely if desired.
The value you’ll bring to the team:
- Responsible for initial screening of, timely investigation and triaging, as appropriate, of assigned privacy matters, including potential inappropriate access by an unauthorized party, misuse, and loss of sensitive data. This includes conducting thorough and comprehensive investigations, including data gathering, analyses, interviews and summarizing the results in report form at the direction of the Privacy Manager.
- Incidents for review and investigation include, among others, responding to Fair Warning access alert monitoring and Data Loss Prevention (DLP) incidents and patient complaints.
- Investigative responsibilities include conducting data analysis and interviews to inform the investigative process, performing detailed analyses of investigative findings and summarizing the findings in an investigative report, conducting a standard breach risk assessment for each investigation, and following the appropriate steps to complete the investigation.
- Provide support to the Executive Director of Privacy and Education and Privacy Manager in meeting federal and state reporting requirements, including the Office for Civil Rights, regarding breach notification and follow-up investigations.
- Maintain timely and complete updates in the applicable incident management system.
- Coordinate and collaborate with internal and external stakeholders, including Legal, Human Resources, Information Security and Health Information Management, relating to privacy concerns and/or inquiries to ensure compliance.
- Support and assist departments and leaders where appropriate, in implementing corrective action to mitigate effects of inappropriate behavior and activities and document such actions.
- Provide privacy training as needed at the request of the Privacy Manager.
- Continuously improve the methodologies, policies, and procedures to maintain appropriate documentation for all privacy investigation activities.
- Maintain current knowledge of complex federal and state laws, regulations, rules, and guidance applicable to patient privacy and the protection of data.
- Contribute to the Corporate Responsibility department’s risk assessment activities.
- Perform routine surveillance, monitoring and auditing tasks relating to privacy matters in alignment with the CR Work Plan and other procedural elements of the program.
- Participate in and support privacy program projects such as HITRUST Assessment reviews, Third-Party Assurance work groups, etc. and promote activities to foster ongoing information privacy awareness within the organization.
- Responsible for performing, managing, and executing other duties as assigned.
The expertise and experiences you’ll need to succeed:
- Bachelor’s degree in Business, Health Administration, or relevant field
- Minimum three years health care privacy experience.
Please be advised that all licenses and certifications listed are not required. If you only have one or some of those listed, you may still be eligible for this position.
REQUIRED:
- Certification in health care privacy (CHPC) or Certified Information Privacy Professional (CIPP)obtained within first year.
PREFERRED:
- Existing certification in health care privacy (CHPC) or Certified Information Privacy Professional (CIPP).
