The HIPAA Privacy Officer is responsible for ensuring compliance with the Health Insurance Portability and Accountability Act (HIPAA) regulations, with a focus on privacy requirements by managing and overseeing the organization's HIPAA privacy program. Additionally, the Privacy Officer collaborates with other departments to ensure compliance with other relevant laws and regulations.

Duties/Responsibilities:

• Develops, implements, and maintains the organization's HIPAA privacy program in accordance with applicable laws, regulations, and guidelines.
• Conducts regular privacy risk assessments to identify potential vulnerabilities and ensure compliance with HIPAA privacy and security requirements.
• Works closely with the Chief Information Officer and other stakeholders to develop and implement strategies for achieving and maintaining HIPAA compliance.
• Develops and maintains comprehensive policies and procedures related to HIPAA privacy and security, including data access, use, and disclosure, aligning with emerging industry best practices and standards.
• Develops and delivers HIPAA privacy and security training programs to all employees, contractors, and other relevant parties within the organization.
• Conducts regular training sessions to ensure ongoing awareness and understanding of HIPAA requirements, including changes in regulations and organizational policies.
• Provides guidance and support to staff regarding privacy and security matters, including responding to inquiries and addressing concerns.
• Oversees investigations and resolutions of privacy breaches, complaints, or violations of HIPAA regulations.
• Develops and implements incident response plans to address privacy and security incidents promptly and effectively.
• Collaborates with departments and external resources to ensure appropriate action is taken in response to incidents.
• Monitors and audits privacy and security practices across the health system to ensure compliance with HIPAA regulations.
• Conducts internal audits and assessments to identify areas of non-compliance and implements corrective measures.
• Stays informed about emerging privacy and security risks, industry trends, and best practices, and makes recommendations to enhance the organization's compliance efforts.
• Assists with utilization reviews, monitors billing and coding accuracy, and adherence to patient rights as needed.

Education:

Bachelor’s Degree in Information Technology, Healthcare Administration, Business or related area required. Advanced degree preferred.

Experience:

Minimum of three years of experience working in healthcare, preferably in compliance or related field.

Licensure/Certification:

Certified in Healthcare Privacy and Security or other relevant certifications as appropriate.