Associate HIPAA Privacy & Data Security Director
Share
Job Location:
Monthly Salary:
Posted on:
2 hours ago
Vacancies:
1 Vacancy
Department:
Job Summary
Under the direction of the Chief Privacy Officer and in close collaboration with the Chief Information Security Officer the Associate Privacy & Data Security Director will assist with maintaining an effective privacy and data security program including but not limited to providing consultative services on privacy and patient confidentiality issues developing and reviewing policies and procedures and oversee the privacy and data security program.
Primary Job Duties:
- Initiates facilitates and promotes activities to foster a culture of privacy and data security compliance within Privia
- Provides guidance and direction on HIPAA Privacy and Security rules and other applicable federal and state health care privacy laws
- Assists in the development implementation and maintenance of administrative physical and technical safeguards for personally identifiable data including but not limited to managing user access enforcing least-privilege principles and maintaining system audit logs
- Periodically reviews and proposes revisions to Privias Privacy and Security Policies and Procedures and guidance materials to facilitate compliance with new privacy or cybersecurity-related laws/regulations or changes to existing federal state and local privacy or cybersecurity rules and regulations
- Collaborates with the CPO and CISO on the development of privacy and security training modules
- Assists ongoing privacy and security compliance monitoring and auditing activities including staff awareness programs on phishing ransomware and insider threats
- In collaboration with the CPO and CISO supports investigations of privacy and security incidents breach risk assessments and reporting to affected individuals and when needed HHS-OCR or other applicable agencies
- Maintains rapport with all business units to facilitate spirit of collaboration
- Collaborates with Information Security including conducting and reviewing security risk assessments to facilitate the implementation of effective mitigation of identified risks
- Assists with the implementation and management of PCI-DSS standards and SOX controls
- Other duties as assigned
Qualifications :
- Demonstrated knowledge in HIPAA Privacy HIPAA Security applicable state Privacy statutes and regulations NIST Cybersecurity framework 405(d) Health Industry Cybersecurity Practices PCI and SOX
- Working knowledge of medical group operation processes
- Ability to detect deficiencies in processes and determine needs to improve outcomes
- 5 years of general healthcare privacy and security compliance experience with knowledge of medical group operations and physician services
- 5 years of experience in regulatory research and knowledge of federal state healthcare privacy and security requirements
- HIPAA Privacy Officer or Security Officer experience preferred
- Certified in Healthcare Privacy Compliance (CHPC) or other relevant certifications strongly preferred.
The salary range for this role is $118000-$128000 in base pay and exclusive of any bonuses or benefits (medical dental vision life and pet insurance 401K paid time off and other wellness programs). This role is also eligible for an annual bonus targeted at 15% and restricted stock units. The base pay offered will be determined based on relevant factors such as experience education and geographic location.
Additional Information :
All your information will be kept confidential according to EEO guidelines.
Technical Requirements (for remote workers only not applicable for onsite/in office work):
In order to successfully work remotely supporting our patients and providers we require a minimum of 5 MBPS for Download Speed and 3 MBPS for the Upload Speed. This should be acquired prior to the start of your employment. The best measure of your internet speed is to use online speed tests like This gives you an update as to how fast data transfer is with your internet connection and if it meets the minimum speed requirements. Work with your internet provider if you have questions about your connection. Employees who regularly work from home offices are eligible for expense reimbursement to offset this cost.
Privia Health is committed to creating and fostering a work environment that allows and encourages you to bring your whole self to work. We understand that healthcare is local and we are better when our people are a reflection of the communities that we serve. Our goal is to encourage people to pursue all opportunities regardless of their age color national origin physical or mental (dis)ability race religion gender sex gender identity and/or expression marital status veteran status or any other characteristic protected by federal state or local law.
Remote Work :
Yes
Employment Type :
Full-time
Key Skills
- Crisis Management
- Splunk
- Google Cloud Platform
- Cybersecurity
- Identity & Access Management
- Management Experience
- PCI
- NIST Standards
- Emergency Management
- Security
- Information Security
- Encryption
About Company
Privia Health is a national physician platform transforming the healthcare delivery experience. We provide tailored solutions for physicians and providers, creating value and securing their future. Through high-performance physician groups, accountable care organizations, and popul ... View more
