INTEGRIS Job - 34492484 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Location: Oklahoma City, OK
Career Level: Director
Industries: Healthcare, Pharmaceutical, Biotech


Program Director Privacy - Compliance Department - INTEGRIS

Job Code: 0204

Position Summary:

Serves as the resource for implementation of the privacy requirements under HIPAA and federal and state laws. Serves as the resource for implementation of the privacy requirements under HIPAA and federal and state law Responsible for the development, implementation and periodic review of privacy related principles, policies and procedures; the development and facilitation of privacy training and education programs covering the privacy of, and access to, patient health information in compliance with federal and state laws and the healthcare organizations information privacy practices. Will provide direction in the implementation of administrative, technical and physical procedures to protect the privacy of protected health information. Will continually assess the state of privacy practices and conduct risk/gap analysis. Will address privacy problems to appropriate liaison and other appropriate responsible parties, including executive management or Board Committees in one-on-one or group meetings and presentations. Will advise and verify when privacy related regulatory changes are made and ensure that proper changes are implemented. Will be the authority to answer and address questions from all system facilities, clinics, agencies, and/or responsible parties. Coordinates with Security Official and works closely with Leaders and security officials in development and monitoring of security practices. Develops the privacy audit plan and assists with the development of audit and monitoring methods with respect to privacy issues. Reviews, generates and disseminates audits and privacy related reports. Is a self-starter with the ability to handle several diverse projects/assignments simultaneously and will utilize critical thinking skills in problem resolution, analysis, and negotiation.

INTEGRIS is an Equal Opportunity/Affirmative Action Employer. All applicants will receive consideration regardless of membership in any protected status as defined by applicable state or federal law, including protected veteran or disability status.

Essential Functions:

The Program Director Privacy responsibilities include, but are not limited to, the following:

* Builds a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI), paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up-to-date.

* Works with organization senior management, security, and corporate compliance officer to establish governance for the privacy program.

* Serves in a leadership role for privacy compliance

* Collaborate with the information security officer to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department.

* Establishes, with the information security officer, an ongoing process to track, investigate and report inappropriate access and disclosure of protected health information. Monitor patterns of inappropriate access and/or disclosure of protected health information.

* Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation and remediation.

* Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.

* Takes a lead role, to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements.

* Oversees, develops and delivers initial and ongoing privacy training to the workforce.

* Participates in the development, implementation, and ongoing compliance monitoring of all business associates and business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed.

* Works cooperatively with the Health Information Management (HIM) Director and other applicable organization units in overseeing patient rights to inspect, amend, and restrict access to protected health information when appropriate.

* Manages all required breach determination and notification processes under HIPAA and applicable State breach rules and requirements.

* Establishes and administers a process for investigating and acting on privacy and security complaints

* Performs required breach risk assessment, documentation, and mitigation. Works with Human Resources to ensure consistent application of sanctions for privacy violations

* Initiates, facilitates and promotes activities to foster information privacy awareness within the organization and related entities.

* Maintains current knowledge of applicable federal and state privacy laws and accreditation standards.

* Works with organization administration, legal counsel, and other related parties to represent the organization's information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation, or standard.

* Cooperates with the U.S. Department of Health and Human Service's Office for Civil Rights, State regulators and/or other legal entities in any compliance reviews or investigations.

* Serves as information privacy resource to the organization regarding release of information and to all departments for all privacy related issues.


Reports to Vice President, Corporate Compliance

Required Physical Demands (Subject to Reasonable Accommodation):

Keyboarding/Dexterity: Frequently; activity exists from 1/3 to 2/3 of the time
Standing/Walking: Occasionally; activity exists up to 1/3 of the time
Strength (Lift/Carry/Push/Pull): Sedentary (exerting up to 10 pounds of force occasionally)
Talking (Must be able to effectively communicate verbally): Yes
Seeing: Yes
Hearing: Yes
Color Acuity (Must be able to distinguish and identify colors): No

Environmental Conditions:

Normal office environment.



* Bachelors degree in health information management, health care administration, area of clinical expertise, or other related field

* Masters or JD degree preferred

* 5 years or work experience in the privacy field

* Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy

* Knowledgeable of current national healthcare policies and trends in political environment

* Knowledge of leadership, management, and quality improvement concepts

* Knowledge of compliance program guidance and industry standards

* Privacy certification such as Certified in Healthcare Privacy Compliance (CHPC) preferred

* Extensive familiarity with health care relevant legislation and standards for the protection of health information and patient privacy

 Apply on company website