HIPAA COMPLIANCE ANALYST -

Minneapolis MN Client seeks a HIPAA Compliance Analyst.

Requirements

• Experience with regulated HIPAA environments
• Experience with audit or risk management oversight activities
• Experience with developing and implementing holistic solutions within a primarily Linux Operating System (OS) environment
• Experience advising on riskbased prioritization and remediation strategies
• Experience collaborating with other security operations and system administrator professionals to determine adequate mitigations
• Ability to approach compliance both strategically and tactically
• Current technical knowledge and understanding of threats emerging threats and vulnerabilities

Preferred

• Experience with highperformance computing environments
• Experience with academic medicine academic research or other similar environments
• Experience with other regulated environments such as NIST 800171 CMMC
• Experience with governance structures in a large/decentralized organization
• Experience balancing operational and collaborative needs with data security and privacy requirements
• System administration experience
• Coding/scripting experience (e.g. python powershell etc.)
• One or more of the following certifications:
  • HCISSP
  • CISSP
  • CISSPISSMP
  • CRISC
  • CISA
  • CISM
  • GPEN
  • GCWN
  • GWAPT
  • GXPN

Projected Start Date: April 2024 for initial 6 month contract.

Deliverables

• Consult with client staff to complete a Gap Analysis to Information Security Policy and HIPAA Controls using the existing Client processes
• Add specific details and supporting documentation as relevant.
• Consult with Client staff to Utilize Gap Analysis to Information Security Policy and HIPAA Controls to:
• Define requirements for HIPAA Compliance program
• Document a sixmonth project plan for initial design and implementation
• Document tracked progress against deadlines
• Consult with Client staff to develop and document processes and procedures that meet Clients Information Security Policy and HIPAA requirements
• Include RACI/RASCI where needed
• Document additional analysis of HIPAA Compliance needs as necessary

Job Duties

• Propose mitigation plans and strategies for identified compliance gaps
• Maintain alignment with the Clients overall HIPAA Compliance program and strategy
• Define and monitor the execution of activities to mitigate the gaps identified in the gap analysis Client has completed
• Provide HIPAA Expertise to the project team by reviewing implemented architecture controls procedural evidence and documentation with a compliance and audit lens
• Lead a crossfunctional team to collaborate and execute the project plan
• Consult with Client on building sufficient documentation of procedures and evidence of executed processes to meet compliance requirements and prepare for future investigations audits or assessments
• Provide weekly status reports to Manager and Leadership
• Provide guidance to comply with Client Policy and other relevant frameworks
• Prioritize and oversee remediation activities ensuring appropriate timely and complete resolution based on risk