Compliance and Privacy Specialist

Company: Beecan Health
Location: Glendale
Posted on: May 27, 2023

Job Description:

About the job
Are you a person who believes in providing great care? Do you believe in having a positive impact on other people's lives? Are you a team-player, quick-thinker, and ready to be a part of an organization that supports your growth?

WHAT WE'RE ABOUT
We believe care goes beyond a medical chart. With kindness and integrity as our guide, we strive for excellence in every interaction.

Requirements:

• 
  
• You care.
  
  
  POSITION SUMMARY
  The Compliance and Privacy Specialist will serve as a key member of the Beecan Health Compliance Department, instrumental in supporting our people, processes, and technology in compliance with applicable privacy and security policies, laws and regulations. The Compliance and Privacy Specialist acts as the primary point of contact and subject matter resource for HIPAA, Release of Information requests, Business Associate Agreements, and company contracts. This role will be responsible for Compliance and Privacy strategy planning, which may include the following: conduct gap analysis and assessment of compliance in privacy and risk management programs, develop a strategic road map to evolve the privacy and risk management programs and fulfill internal and external compliance and privacy audits or assessments.
  
  The candidate should have exposure to U.S. privacy and data protection laws and regulations, fair information practices and core privacy and data protection principles, online privacy, and information security to support Beecan Health's Compliance program to meet regulatory and contractual standards for the company's lines of business.
  
  
• Develops document management, privacy, and data governance frameworks, including participation in identifying, testing, planning, evaluation, implementing, and administering governance, risk, and compliance (GRC) tools and systems utilized by team members throughout the organization.
  
• Monitors, facilitates, and supports annual reports and self-certifications, such as cybersecurity, diversity, privacy, conflict of interest, and other compliance reporting and assessments.
  
• Assists with triage, problem-solving, and management of issues where a compliance risk may be present.
  
• Develop continuous improvements to compliance, privacy governance & risk management program.
  
• Provides guidance and enforces policies and procedures.
  
• Provide regular program status reports and metrics to management.
  
• Fulfill internal and external program audits or assessments.
  
• Assist in the development and delivery of privacy training and awareness.
  
• Participate in external compliance and data privacy-related organizations to share and collaborate on best practices.
  
• Planning, designing, and implementing an overall risk management process for privacy.
  
• Conduct privacy impact assessments to assess and mitigate risks related to processing, transmission and storage of PII/PHI data specific privacy-related requirements and potential vulnerabilities, including managing the privacy impact assessment process.
  
• Participates in new business initiatives to identify and escalate compliance and privacy considerations.
  
• Ensures that departments, facilities, and vendors are complying with the compliance and privacy program and meeting compliance and privacy policy requirements and addresses compliance and privacy concerns.
  
• Collaborates with and assist partnering departments to develop action plans for identified compliance and privacy operations, CAPs, regulatory requirements, and compliance updates.
  
• Continuously monitors the status and effectiveness of compliance and privacy controls.
  
• Ensure privacy-related key risk indicators are effectively monitored to prevent an unacceptable impact on business objectives and reputation.
  
• Assist with implementing privacy and data protection requirements, including how we collect documents, sharing and using personal data. (Personally Identifiable Information (PII) Inventory and Usage)
  
• Continually update and re-evaluate the extent to which resident and staff information is collected and shared internally and externally.
  
• Monitor and approve data requests and release of information (ROI) requests.
  
• Participate in privacy and security incident investigations, incident tracking, response plans, and activities related to privacy and security.
  
• Performs security assessments, categorize, and prioritize assessment findings, responds to audit requests, and monitors for adherence to policies and procedures.
  
• Performs all regulatory assessments including HIPPA, Security Controls Review and Accreditation.
  
• Performs daily risk management activities including maintaining a risk dashboard and documentation.
  
• Partners with the IT Department to manage phishing campaigns, tabletop exercises, and conducts security awareness trainings.
  
• Executes procedures to assess and measure compliance with the organization's security policies and procedures.
  
• Partners with internal teams to review all regulatory changes and works with the IT Department to ensure their solutions are compliant with regulatory requirements.
  
• Documents, investigates, and reports security compliance issues.
  
• Participates in the resolution of risk and compliance issues with appropriate stakeholders.
  
• Collaborates with appropriate departments for assessments, audit requirements, and Corrective Action Plan (CAP) remediation's.
  
• Consults across business operations, providing mentorship, and contributing specialized knowledge.
  
• Performs other duties as assigned.
  
  
  The above listing of duties and responsibilities are not intended to be all-inclusive but rather to serve as a description of the range of duties and general nature of the position. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
  
  KNOWLEDGE, SKILLS, ABILITIES & QUALIFICATIONS
  
  
• Minimum two (2) years of Compliance and Privacy experience.
  
• Bachelor's degree in related field, preferred or possess equivalent experience.
  
• High School Diploma or GED required.
  
• Experience working for a skilled nursing facility or in the health industry highly preferred.
  
• Experience in compiling, coordinating, and analyzing regulatory requirement data.
  
• Experience with compliance audits and assessments.
  
• Excellent critical thinking and problem-solving skills.
  
• Heavy writing / composition experience.
  
• Ability to manage multiple tasks and deliverables in a fast-paced environment.
  
• Strong computer skills - MS Office (Excel, Word, PowerPoint).
  
• Experience using Excel functions such as macros, external data connections, pivot tables, charts, and conditional formatting, preferred.
  

Keywords: Beecan Health, Glendale , Compliance and Privacy Specialist, Other , Glendale, Arizona