Information Privacy Officer

Description

Position Summary

A leading San Francisco healthcare provider is seeking an Information Privacy Officer position to join their team on a contract to hire basis. You will provide subject-matter guidance and support to the enterprise as needed to ensure the understanding of, risks around, threats to, analysis, strategy and overall management of patient information and privacy. The focus is on safeguarding patient privacy through comprehensive privacy and data access governance, control enhancement and monitoring, support for the organization's data related risk and compliance efforts, external audit support, investigations, and standard and policy development. You will also work across the enterprise to generate awareness of privacy requirements and standards, and provide support to departments during business and system process development and review. You will support the CPO in development of executive strategies and activities designed to ensure the security of patients' information.

Qualifications

Minimum Qualifications

-

• Knowledge in and the ability to apply the principles of HIM, project management, and change management.
• 5 years of related experience
• BA/BS or equivalent work experience in business or other relevant discipline

Responsibilities

• Supports creation of internal and external procedures and controls for access to enterprise customer data to ensure compliance with all relevant privacy and data protection laws and contractual commitments. Works with Compliance Team as needed.
• Analyzes relevant privacy and data protection issues including required privacy notices, regulatory filings, relevant process and infrastructure requirements, and industry trends and best practices.
• Performs initial and periodic information privacy risk assessments/audits and conducts related ongoing compliance monitoring activities.
• Works with legal counsel, management, key departments, and committees to ensure the organization has and maintains appropriate privacy and confidentiality consent, authorization forms, and information notices and materials reflecting current organization and legal practices and requirements.
• Participates in the development, implementation, and ongoing compliance monitoring of all trading partner and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.
• Establishes with management and operations a mechanism to track access to protected health information, within the purview of the organization and as required by law
• Reviews all system-related information security plans throughout the organization's network to ensure alignment between security and privacy practices, and acts as a liaison to the information systems department.

privacy laws, access, release of information, and release control technologies.