Privacy Specialist II

Job Location:

Somerville, NJ - USA

Monthly Salary: $ 63648 - 90750
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Site: Mass General Brigham Incorporated


Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts, to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham.




Mass General Brigham is seeking a Privacy Compliance Specialist II to advance its enterprise-wide privacy compliance program across its network. The Privacy Specialist II will support the enterprise privacy program with a focus on incident response, third-party risk, technology onboarding, and compliance with the new DOJ Data Transfer Rule governing sensitive personal data and bulk data transfers. This role will partner closely with clinical, research, Digital, and business operations teams to ensure appropriate handling of PII, PHI, and other regulated data across the organization.

This role ensures compliance with health and data privacy laws, including the HIPAA Privacy and Security Rules, HITECH, 42 CFR Part 2, US state privacy laws, GDPR, international privacy laws, and the Department of Justice's Data Transfer Rule. Key responsibilities include privacy incident investigations (documentation, mitigation, and notifications to affected individuals and regulators); privacy audits; Privacy Impact Assessments; system/vendor privacy evaluations; data transfer reviews; website and application privacy consults; drafting Terms of Use; and advising on AI privacy risks. The Privacy Specialist II serves as a trusted business partner and privacy subject matter expert adviser to various stakeholders throughout the organization, including Human Resources, Supply Chain, Information Security, Health Information Management, Digital, and MGB's Health Plan. The Privacy Specialist II leads privacy training presentations and partners with the Privacy Training Program leadership to design, deliver, and maintain the organization's privacy compliance training program. The Specialist also leads process improvement initiatives for the department.

Essential Functions

- Develop, update, maintain, and advise on the hospital's privacy policies and procedures in alignment with federal, state, and local privacy regulations, including the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, 42 CFR Part 2, U.S. state privacy laws, U.S. Department of Justice Data Transfer rules, GDPR, and international privacy regulations.

- Conduct regular privacy training sessions for hospital staff and employees to ensure understanding of and compliance with privacy policies and the safeguarding of PHI.

- Perform periodic privacy audits and assessments to evaluate the effectiveness of privacy controls and identify areas for improvement.

- Respond to privacy incidents and breaches, conduct investigations, and implement corrective actions to prevent future incidents.

- Conduct privacy risk assessments to identify potential vulnerabilities and develop strategies to mitigate privacy risks.

- Develop, prepare, and present privacy metrics, audit results, and data-driven insights to leadership.

- Respond to patients and their families regarding privacy rights and inquiries.

- Prepare and submit reports on privacy compliance to hospital leadership and regulatory authorities as required.


Qualifications

Education

  • Bachelor's Degree in a related field of study required

  • Master's Degree in a related field of study or Juris Doctor in a related field of study preferred

Experience

  • 2 years of healthcare privacy compliance experience required

  • Demonstrated experience interpreting and applying HIPAA, HITECH, and other federal, state, and international privacy regulations preferred

Certifications:

  • CHPC, CIPP/US, CIPP/E, CIPM, or comparable privacy certifications preferred


Knowledge, Skills, and Abilities

  • In-depth knowledge of privacy laws, regulations, and standards, including HIPAA, HITECH, and state privacy laws, as well as their application in healthcare settings.

  • Excellent communication and interpersonal skills to interact with hospital staff, patients, and regulatory authorities regarding privacy matters.

  • Strong analytical and problem-solving skills to conduct privacy risk assessments and respond to privacy incidents effectively.

  • Ability to manage multiple priorities and tasks, ensuring timely completion of privacy-related initiatives.

Regulatory Compliance & Monitoring

  • Ensure compliance with the HIPAA Privacy and Security Rules, HITECH, 42 CFR Part 2, U.S. state privacy laws, GDPR, and international privacy regulations.

  • Plan for and guide implementation of emerging state privacy legislation, including the anticipated Massachusetts comprehensive privacy law expected in 2026.

  • Monitor and advise on data transfer requirements and safeguards, including developments related to the DOJ rule.

  • Monitor and implement safeguards for website privacy, geolocation data, and patient portal security.

  • Continuously track regulatory changes and translate requirements into updated policies, procedures, and controls.

Risk & Vendor Assessments

  • Conduct HIPAA/HITECH privacy risk assessments and formal Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs), documenting findings and mitigation plans.

  • Perform vendor/business associate privacy assessments and contract reviews to ensure third-party compliance with regulatory and contractual obligations.

  • Advise on AI privacy risk assessments, evaluating data use, algorithmic transparency, model governance, and regulatory/ethical compliance in clinical and operational AI solutions.

  • Manage GDPR reporting obligations to controllers and, where applicable, supervisory authorities/Data Protection Authorities (DPAs).

Auditing & Incident Management

  • Conduct proactive EHR audits (e.g. inappropriate access, snooping, break-the-glass events) and trend monitoring to detect and prevent privacy violations.

  • Design and implement privacy safeguards and terms of use for digital health services.

  • Conduct all aspects of privacy incident investigations, including root cause analysis, containment and remediation planning, risk assessment, and documentation, and ensure timely notifications to affected patients, research participants, and employees, and to state/federal agencies and regulators as required.

Policy Development & Implementation

  • Develop, maintain, and operationalize privacy policies and standards tailored to healthcare provider operations.

  • Embed privacy-by-design into clinical, administrative, and digital workflows.

  • Lead process improvement initiatives to strengthen privacy compliance and operational efficiency.

  • Coordinate corrective actions and remediation plans for identified compliance gaps, findings, and audit issues.

Collaboration, Analytics & Reporting

  • Partner with IT Security, Legal, Compliance, Research, HR, Health Plan Operations, and clinical leadership to align privacy practices and controls.

  • Develop privacy metrics and dashboards.

  • Prepare and present privacy metrics, audit results, and data-driven insights to leadership and regulatory bodies as needed; support committee reporting.

  • Act on behalf of the Privacy Program Manager when requested to represent the privacy function in meetings and initiatives.

Training, Communications & Education

  • Lead privacy training presentations tailored to clinical staff, administrative teams, researchers, students, interns, and business associates.

  • Assist the Privacy Program Manager in designing, scheduling, and maintaining the privacy compliance training program.

  • Develop content for privacy awareness (e.g. website, newsletters, targeted communications) and foster a culture of privacy across the organization.

Performs other duties as assigned.

Complies with all policies and standards.


Additional Job Details (if applicable)


Remote Type

Remote


Work Location

399 Revolution Drive


Scheduled Weekly Hours

40


Employee Type

Regular


Work Shift

Day (United States of America)



Pay Range

$63648.00 - $90750.40/Annual


Grade

6


At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience (if applicable), education, certifications, and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses (as applicable), and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package.


EEO Statement:

Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at .


Mass General Brigham Competency Framework

At Mass General Brigham, our competency framework defines what effective leadership looks like by specifying which behaviors are most critical for successful performance at each job level. The framework comprises ten competencies (half People-Focused, half Performance-Focused), each defined by observable and measurable skills and behaviors that contribute to workplace effectiveness and career success. These competencies are used to evaluate performance, make hiring decisions, identify development needs, mobilize employees across our system, and establish a strong talent pipeline.


Required Experience:

IC


About Company


Patients at Mass General have access to a vast network of physicians, nearly all of whom are Harvard Medical School faculty and many of whom are leaders within their fields.
