Jobs · Finance · Georgia

Sr Privacy Officer

University of Rochester · Roswell, Georgia, United States · 3 wk ago
Finance$77k–$116k/yrFull-time

Responsibilities

  • Responsible for the privacy of protected health information through ongoing activities consisting of development, implementation, maintenance of and adherence to University of Rochester policies and procedures in compliance with federal and state laws.
  • Serves as primary privacy consultant for designated areas of responsibility.
  • Interprets Health Insurance Portability and Accountability Act (HIPAA) privacy regulations together with state and other federal laws regarding confidentiality of protected health information (PHI).
  • Develops and advises on entity-specific relevant policies related to privacy and confidentiality of patient information.
  • Collaborates and contributes with Chief Privacy Officer to identify, develop, implement and maintain system-wide privacy policies and procedures.
  • Collaborates with senior leadership as appropriate.
  • Ensures entity-specific policies and procedures are updated in accordance with policies.
  • Receives, documents, tracks, investigates and takes action on patient, family and workforce member initiated privacy complaints and breaches.
  • Maintains appropriate breach notification risk assessments, files, documentation, etc.
  • Apprises and involves Chief Privacy Officer if/when appropriate.
  • Performs ongoing audit reviews and monitoring of activities, requiring knowledge of electronic medical record systems and in-depth understanding of auditing tools to ensure compliance with federal privacy regulations and policies.
  • Implements and oversees development of corrective action plans and required procedural changes in response to violations of privacy policies and practices.
  • Apprises and involves Chief Privacy Officer and senior leadership if/when appropriate of issues, concerns and progress in dealing with privacy related issues affecting the organization.
  • Serves as consultant and/or subject matter expert in organizational privacy activities, such as health system-wide Privacy Workgroup, Privacy Officer Committee, Regional HIPAA Group, Research Committees, Policy Management Team and other committees, as appropriate.
  • Serves as advisor on HIPAA to Institutional Review Board as required.
  • Maintains current knowledge of privacy guidelines as they pertain to research to ensure compliance with research guidelines and regulations.
  • Ensures areas of responsibility utilize and maintain appropriate privacy authorizations, consents, notices and materials reflecting organization privacy practices and legal requirements.
  • Reviews and negotiates terms of business associate agreement contracts for vendors who perform a function of a business associate as defined in the privacy regulation for areas of responsibility.
  • Serves as liaison with Forms Management vendor.
  • Develops content for mandated privacy training of workforce members.
  • Oversees and ensures delivery of privacy training and orientation to employees, physicians and other workforce members in entity/entities of responsibility.
  • Keeps workforce current with updates, changes and necessary information as they relate to privacy issues.
  • Authors and publishes privacy materials on intranet for ongoing knowledge and awareness of privacy.
  • Ensures adherence to patient rights as mandated under HIPAA regulations, including inspections, receipt of copies, amendments to patient health and billing records, restrictions of disclosures, requesting confidential communications and receiving disclosure tracking reports of access to protected health information.
  • Works closely with the Health Information Management Department and other appropriate parties to manage patient rights in the Privacy Rule.
  • Serves as privacy liaison for users of clinical and information systems, including Rochester Regional Health Information Organization (RHIO).
  • Serves as liaison to regulatory and accrediting bodies for matters relating to privacy.

Qualifications

  • Bachelor's degree and 4 years of healthcare administration, information systems, compliance, auditing or related experience required
  • Or equivalent combination of education and experience
  • Nationally recognized certification in health information management upon hire preferred

Similar jobs

Sr Director, Privacy

DaVita Kidney CareDenver, CO· 1 wk ago
Management$129k–$205k/yrapply on careers.davita.com

Privacy Officer

Amalgamated BankNew York, NY· 2 mo ago
Finance$130k–$150k/yrapply on workforcenow.adp.com

HIPAA Privacy Officer

Fresenius Medical CareWaltham, MA· 1 wk ago
Finance$97k–$163k/yrapply on jobs.freseniusmedicalcare.com