Position Summary:

　　Responsible for coordinating system-wide HIPAA Privacy & Security program, including coordinating, documenting, performing and reporting HIPAA activities throughout the corporation. Compiles, analyzes, and evaluates data using statistical methods, benchmark data or other comparative measures using designated databases. Works collaboratively with MHC HIPAA Council and other departments/stakeholders to identify opportunities to correct deficiencies. Identifies and provides departmental and provider specific educational needs. Provides complete and concise fact-finding, document gathering and analysis on any HIPAA compliance matters under observation and/or investigation.

　　Essential Functions and Responsibilities

　　:

　　1.

　　In collaboration with Compliance leadership, assist to develop, coordinate and monitor both the internal strategic plan and compliance annual workplan.

　　2.

　　Directs and oversees breach investigations impacting corporate and/or multiple subsidiaries, including working with external legal counsel, as directed, to ensure timeliness with external reporting requirements.

　　3.

　　Responsible to coordinate annual review of HIPAA Policies and procedures and work in collaboration with compliance leadership on new HIPAA policies.

　　4.

　　Monitors subsidiary’s compliance with corporate and subsidiary security policies and procedures among employees, contractors and other third parties and takes corrective action.

　　5.

　　Provides support and oversight for all internal HIPAA activity to ensure that timelines and process are met.

　　a.

　　Creates, monitors, and modifies standard work instructions as necessary, to maintain effective, timely and efficient processes.

　　b.

　　In conjunction with other staff, conducts HIPAA breach risk assessments according to policy and regulations.

　　c.

　　Participates in defining HIPAA strategic goals for the Annual Work Plan across one or more subsidiaries and creates documentation to support work performed.

　　d.

　　Responsible for monitoring and responding to inquiries sent to [email protected].

　　e.

　　Coordinates all requests related to amendments, restrictions, opting out of the facility directory, accounting and access under the HIPAA Privacy Regulations.

　　f.

　　Compiles, analyzes and evaluates information related to either the initial inquiry or formal investigation related to compliance referrals.

　　Identifies patterns or trends to make reports according to established procedures.

　　g.

　　Monitors changes in regulations that affect HIPAA and communicates accordingly.

　　h.

　　Appropriately documents HIPAA and other assigned activities in ComplyTrack

　　i.

　　Prepares correspondence based on level of knowledge and experience.

　　j.

　　Provides recommendations for improvements, based on findings, and assists in implementing action plans.

　　k.

　　Performs follow-up reviews to assess adequacy of implemented action plans.

　　6.

　　Coordinates with applicable systems and subsidiaries for standardization of role-based access and provisioning within access request processes.

　　7.

　　Serves as facilitator/team leader for assigned designated corporate committees, to evaluate improvement opportunities and design compliance processes about audit and investigation findings.

　　Qualifications:

　　Required:

　　Associate Degree in healthcare related field

　　2 years of HIPAA Privacy/Security related experience

　　2 years of compliance or related experience.

　　Certified in Healthcare Privacy Compliance (CHPC) – required to obtain within 18 months of hire.

　　Preferred

　　Bachelor’s Degree in Healthcare, Business, or related field

　　1 year of health information management or compliance experience

　　Certified in Healthcare Compliance (CHC)