Principal Risk Analyst Privacy-Third-Party Risk Management

The Principal Risk Analyst will lead risk business operations special projects investigations legal litigation mitigation development non-employee access and end user awareness/education. Incumbent will provide guidance to the RD unit for day-to-day operational support including project management. Incumbent will demonstrate leadership and represent the RD on project teams committees strike teams and workgroups.

Job Duties and Responsibilities: Supports and develops RD initiatives. Responsible for the design of enterprise business operations including operational growth and development. Leads multi-disciplinary workgroups and projects. Responsible for development of policies and procedures to support the organizations risk tolerance. Gathers and organizes information from a cross-functional investigative team. Works directly with Legal and Human Resources on high risk internal and external investigations. Works directly with Legal and External Counsel on policy regulatory and/or litigation matters (using eDiscovery protocols). Completes documentation to support findings including legal reports SBARs and executive summaries. Responsible for peer review of work unit documentation. Develops and presents Risk training(s) geared towards Mayo Clinic leadership. Has extensive experience in regulatory compliance and investigations that includes:
Deep subject matter expertise in relevant compliance laws and regulations such as privacy compliance investigations revenue cycle compliance device manufacturing compliance general compliance conflict of interest;
Understanding of and ability to apply the Seven Elements of an Effective Compliance Program;
Ability to carry out audits assessments and investigations; and
Ability to use relevant compliance tools including GRC software monitoring tools and issue management software

Ability to follow and apply legal holds and execute proper preservation of evidence and chain of custody protocols. Depending on role this may include the ability to follow proper computer forensic evidence handling advanced knowledge of data preservation acquisition of computing and storage devices either fixed or mobile and more technical forensic investigations.

Must have technical and nontechnical communication skills (verbal and written) analytical aptitude and project management skills. Demonstrates high level integrity and ability to use discretion and maintain confidential information. Other functions and projects as assigned. Some travel may be required to other Mayo Clinic sites and/or training conferences.

Mayo Clinic will not sponsor or transfer visas for this position including F1 OPT STEM.

Bachelors degree and 7 years experience in business analysis compliance privacy insider threat information security human resources risk management information science business administration law enforcement health or science-related fields OR Masters degree and 5 years experience in business analysis compliance privacy insider threat information security human resources risk management information science business administration law enforcement health or science-related fields. Masters of Healthcare Administration Business Administration or Science preferred. Certified Fraud Examiner (CFE) Certification in Healthcare Compliance (CHC) or Healthcare Privacy Compliance (CHPC) preferred.

Additional Preferred Qualifications:

Demonstrates professional leadership skills. Ability to maintain highest level of confidentiality. Advanced analytical and problem-solving skills. Investigation and audit experience. Ability to work with limited management involvement. Effective training and presentation skills. Knowledge of operational risk best practices effectiveness evaluations and resources. Demonstrated ability to set priorities and to respond to changing demands from multiple sources. Ability to follow-through meet regulatory deadlines anticipate requirements and build relationships. Ability to communicate effectively with diverse groups including attorneys physicians patients allied health staff researchers and vendors. Ability to work collaboratively in a team environment with minimal supervision. Advanced Microsoft Office skills including: Excel Word Visio and Power Point. Some roles require specialized skills e.g. forensic accounting forensic tools insider threat data loss prevention. Incumbent must be able to obtain government security clearances on behalf of the organization.

JD or Masters Degree preferred. or certified as CHC CHPC CCEP CISSP CISM CITPM or relevant equivalent certification; or will obtain certification within 2 years of hire is preferred.