Privacy Manager

Massachusetts General Hospital is an Equal Opportunity Employer. By embracing diverse skills perspectives and ideas we choose to lead. Applications fromprotected veterans and individuals with disabilities are strongly encouraged. Under the general direction of the Director of Health Information Services the Privacy Manager is responsible for ongoing activities related to the development implementation and maintenance of a hospitalwide privacy and security program. Oversight of the program would include the following components:1 Development and adherence to goals and objectives in alignment with overall Health Information Services strategies Partners Privacy and Information Security standards MGH/MGPO policies and state and federal regulations;2 Identification and maintenance of appropriate level of resources (human and technical) to carry out the functions and operations of the Privacy Office;3 Development and oversight of an organizationalwide privacy & security training and education program;4 Operational management of a privacy and security compliance assurance program.To facilitate and carry out goals and objectives of Health Information Services in order to meet and/or exceed patient physician and customer expectations.To ensure forward progression of Health Information Services toward advancing and remaining at the leading edge of quality and technology through methods including process reengineering.To assist Health Information Services in managing and reducing risk (i.e. compliance quality of care medical identity theft and reimbursement issues) associated with inadequate privacy and security standards or tools in place. Establish implement and maintain an ongoing hospitalwide privacy and security education and training program. Incorporate efficient processes to manage enrollment of entire MGH/MGPO workforce along with training compliance and documentation. Implement strategies and techniques which will allow for maximum understanding and application of training material by staff into day to day work life. Perform ongoing hospitalwide privacy and security risk assessments in response to changing environment operational changes or significant events in order to continually safeguard patient and employee confidential and protected health information. Conduct ongoing compliance monitoring activities in coordination with MGH/MGPOs other compliance and operational assessment functions. Work closely with MGH/MGPO Information Security Officer to ensure that the information security environment supports the privacy policies. Work with other key areas including legal counsel compliance and department management and medical staff leadership to ensure MGH/MGPO has and maintains appropriate privacy and confidentiality consent documents authorization forms and information notices and materials reflecting current hospital and legal practices and requirements. Provide recommendation and guidance towards the identification revision implementation and maintenance of MGH/MGPO privacy and security policies and procedures in coordination with the Information Security Officer and Privacy Officer. Participates in the development implementation and ongoing compliance monitoring of business associate agreements to ensure all privacy concerns requirements and responsibilities are addressed. Establishes with management and operations a mechanism to track access to protected health information within the purview of the Hospital as required by law and to allow qualified individuals to review or receive reports on such activities. Works cooperatively with appropriate managers and other administration in overseeing patients rights to inspect amend and restrict access to protected health information. Establishes and administers a process for receiving documenting tracking investigating and taking action on all complaints concerning Hospital privacy policies and procedures in coordination and collaboration with other similar functions. Ensures compliance with privacy practices and consistent application of sanctions for failure to comply with privacy policies for all staff and employees in cooperation with Human Resources as applicable. Facilitates and promotes activities to foster privacy and confidentiality awareness throughout the hospital. Serves as a member of the Privacy & Confidentiality Committee. Reviews all systemrelated information security plans throughout the Hospital network to ensure alignment between security and privacy practices and acts as a liaison to the information systems department. Maintains current knowledge of applicable federal and state privacy laws and accreditation standards and monitors advancements in information privacy technologies to ensure Hospital adaptation and compliance. Serve as internal privacy consultant to all departments and appropriate entities. Cooperates with the Office of Civil Rights other legal entities and organization officers in any compliance reviews or investigations. Participate in the planning process for the growth of Health Information Services. Research identify and develop new and innovative methods and applications for the continued transition from a paper to an electronic medical record in order to support the organization with high quality cost effective value service and solutions. Collaborate with clinicians and other health professionals external to Health Information Services in order to accomplish goals and maintain relationships required for cross departmental cooperation and projects. Interview and select candidates for employment. Orient train supervise schedule and assign work. Outline job responsibilities of employees under supervision. Initiate recommend and/or approve personnel actions including but not limited to hiring transferring suspending discharging assigning rewarding disciplining or adjusting of grievances involving personnel. Prepare and conduct performance evaluations and recommend appropriate merit increases for subordinates. Participate in relevant professional activities and organizations and share information with staff. Participate in Health Information Services administrative manager meetings and attend other meetings as assigned. Participate in appropriate role in disaster and fire drills fires and other emergency situations. EDUCATION:Masters Degree in health care related area preferred. Health Information Management Information Systems or Law Degree preferred.Strong working knowledge in health information privacy and security.EXPERIENCE:57 years of progressive health related managerial experience.57 years of experience in working with various health information systems and applications.57 years privacy and security experience. Ability to effectively communicate to groups at various professional levels i.e. healthcare providers managers and staff in order to accomplish goals and objectives while maintaining good working professional relationships. Individual must possess the knowledge skills and abilities in order to gain credibility as the internal privacy and security expert/consultant. Ability to manage proactively through problem identification and resolution. Identify educational needs and implement successful educational campaigns trainings and performance improvement processes. Ability to successfully manage multiple simultaneous projects (plan develop and implement) while understanding and keeping focused on priorities. Ability to work independently yet earn the reputation of being a team player. Ability to exhibit critical and systems thinking skills. Ability to perform business and financial analyses such as return on investment and costbenefit analyses. Ability to analyze interpret and apply metrics towards operations and strategic planning purposes. Ability to display a professional image reflected in behavior maturity and demonstrated integrity.