Director, Privacy

3 weeks ago


Boston MA, United States Commonwealth Care Alliance Full time
Why This Role is Important to Us

The Director, Privacy and Security directs and manages Commonwealth Care Alliance's (CCA) efforts to ensure compliance with laws, regulations and policies that govern information privacy and security including, but not limited to: Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health Act (HITECH), Omnibus Rulemaking, MA 201 CMR 17 (Massachusetts Privacy Law) and International Organization for Standardization (ISO) 27000 requirements.

Supervision Exercised:

Yes: 2-3 direct reports, including Manager, Compliance Security and Manager, Compliance Privacy

What You'll Be Doing

ORGANIZATIONAL DEVELOPMENT OF PRIVACY SECURITY COMPLIANCE PROGRAMS

  • Serves as the Corporate Privacy Security Official pursuant to the administrative requirements of 45 Code of Federal Regulation, Standards for Privacy of Individually Identifiable Health Information (HIPAA Privacy Rule), HITECH and relevant state laws.
  • Coordinates corporate compliance privacy security activities which includes overseeing the establishment, implementation, and adherence to corporate policies on individual privacy/security, confidentiality, and release of confidential information
  • Chair/Co-Chair of the Information Privacy and Security Committee
  • Assist in selection of a Privacy Liaison for each CCA entity to facilitate privacy security compliance initiatives and fulfill federal and state privacy requirements
  • Develops and manages HIPAA project teams, including Privacy Liaisons; serves as a privacy resource for CCA departments and entities
  • Provides leadership in the planning, design, and evaluation of CCA privacy and security related projects
  • Serves as a liaison to regulatory and accrediting bodies for matters relating to privacy security
  • Responsible for documenting and communicating the progress of the implementation of the HIPAA privacy security compliance program at CCA including affiliates and related entities
  • Works with legal counsel, management, operational departments, and committees to ensure CCA has and maintains appropriate privacy and security confidentiality consent, authorization forms and information notices
  • Works with the Legal Department to review new or revised healthcare laws and regulations (federal and state) pertaining to individual privacy and determine whether modifications or revisions of policies and procedures are needed
  • Provides direction and guidance in special investigations or special projects. Reviews results and recommends actions in coordination with key internal/external stakeholders
  • Works closely with IT Security, members of the electronic medical record implementation/informatics team, and other information technology personnel to ensure that the organization's privacy security protections keep pace with technological advances
  • Coordinates with management, IT security, and others to assure physical safeguards to guard data integrity, confidentiality, and availability
  • Coordinates with senior management, operational managers, the Chief Information Security Officer, IT managers, and business support services to provide for a business continuity plan and disaster recovery service. Ensure CCA's disaster recovery plan addresses relevant information privacy and security issues.
  • Reviews all system-related information privacy and security plans throughout CCA's network to ensure alignment between security and privacy practices
  • Provides concise and timely summaries to senior management of complex and detailed regulatory publications and prepares operational impact statements
  • Assist in the oversight of the Corporate Compliance Plan and identification of compliance risks
  • Review Code of Conduct and Compliance Program Description at least annually and promote and enforce CCA's Code of Conduct

PRIVACY SECURITY EXPERTISE RESOURCES

  • Maintains current knowledge of applicable federal and state privacy security laws and accreditation standards, and monitors advancements in information privacy security technologies to ensure organizational adaptation and compliance
  • Participates in outside healthcare organizations to stay updated on privacy developments and "best practices" for individual privacy security
  • Maintains corporate library on Privacy Security regulations and requirements
  • Maintains documentation of corporate compliance privacy security program
  • Research regulatory issues and can utilize a variety of research resources to assure that the most recent regulatory issuances and interpretations are available.
  • Communicates changes in regulatory issues to senior management and to the appropriate operational managers.
  • Provides access to detailed regulations and assures operational managers understand the regulations

COMPLAINTS SYSTEM

  • Establishes and administers, as appropriate, a corporate process for receiving, documenting, tracking, investigating, and acting on all complaints concerning CCA's privacy and security compliance policies and procedures
  • Responds quickly to incidents and violations to reduce the risks to the organization

MEDICAL RECORDS MANAGEMENT AND DISCLOSURES

  • Develops, implements, and administers a system-wide request for access/disclosure verification procedure that reasonably verifies the identity of the individual or entity requesting access or disclosures, and /or legal authority to request the protected health information
  • Implements and oversees the development and application of corrective action procedures designed to mitigate any deleterious effects of use or disclosure of PHI by members of the entity's workforce or business partners
  • Establishes policies/procedures that ensure that record custodians correctly protect and archive patient information
  • Works cooperatively with Corporate leadership in establishing a system to meet patient rights to inspect, amend, and restrict access to protected health information
  • Directs the appropriate use of notices, postings, signs, and information available to the public and to patients concerning corporate policies and procedures to protect individually identifiable health information and notices of restrictions that may be placed on the release of information

PUBLIC RELATIONS

  • Increases the public's awareness of organization's efforts to preserve individual privacy
  • Provide information in response to internal and external inquiries regarding the entity's corporate privacy policies and procedures or notice of information practices
  • Initiates, facilitates, and promotes activities to foster information privacy awareness within the organization and related entities.

RESEARCH

  • In coordination with operational stakeholders, serves as privacy liaison, as appropriate, to ensure privacy awareness and proper authorizations are established where needed or required for research

TRAINING, EDUCATION, COMMUNICATIONS

  • Oversees the development, delivery, and ongoing improvement of privacy security compliance training and awareness to include CCA staff and other entities, as required
  • Develops and implements a system-wide privacy training program and, in conjunction with the security official or other individuals charged with security oversight, a cyber security awareness and training program that includes the following components:
  • Initial training of all employees related to the privacy program
  • Privacy training to all members of the workforce, including all employees, volunteers, trainees, and other persons under the direct control of the entity on an unpaid basis, who are not business partners but are likely to have contact with PHI
  • Upon changes in corporate privacy policy or procedure, retraining of directly affected employees
  • Mandated privacy retraining for all employees at on-boarding and annually thereafter.

PRIVACY SECURITY DISCIPLINE

  • Works with senior management to develop and consistently apply appropriate discipline for employees who fail to comply with the organization's privacy security policies and procedures
  • In cooperation with Human Resources, the Privacy Security Official, administration, and legal counsel, as applicable, ensures consistent application of disciplinary action for failure to comply with privacy security policies for all individuals in the organization's workforce, extended workforce, and for all business associates
  • Coordinates with HR to ensure no intimidating, discriminatory, or other retaliatory actions occur against a person who files, testifies, assists, or participates in any investigation, compliance review, proceeding, or hearing related to a privacy violation, or opposes any unlawful act or practice.

CERTIFICATIONS AND AUDITS

  • Establishes an internal privacy security compliance audit program to ensure enterprise-wide compliance with CCA privacy security policies
  • Works with departmental managers to assure that there is adequate auditing and monitoring of systems' access and activity and that processes are in place to identify potential privacy security violations
  • Directs or conducts independent reviews and evaluations of all operations and activities to appraise:
    • Compliance with current regulations of federal, state, and other regulatory bodies
    • Possible errors and omissions that may violate current or future compliance
    • Compliance with internal policies, plans or standards which could impact compliance with external regulatory bodies
  • Establishes a corporate-wide privacy security program certification/recertification process
  • Cooperates with the Office of Civil Rights (OCR), other legal entities, and organization officials in any compliance reviews or investigations.
  • Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed
  • Aids legal, operational managers and staff during enforcement activities, surveys, and external investigations. Assists in the preparations of required documentation required by external agencies, corrective action plans, and future monitoring or auditing to assure compliance
  • Maintains communications with external regulatory or review organizations and accrediting agencies to assure proper interpretations of regulations and impacts on operations. Coordinates work with others within the organization that have responsibility for process improvement, accreditation surveys or other regulatory activities
  • Assist with the development and preparation of corrective action plans, maintain compliance with benchmarks/deadlines and prepare written reports of audits.
  • Prepare and coordinate regulatory filings as required

What We're Looking For

Education Required:

  • Bachelor's Degree or equivalent experience

Education Desired:

  • Privacy Security certifications such as Certified in Healthcare Privacy Compliance (CHPC), Certified in Healthcare Privacy and Security (CHPS), Certified Information Privacy Professional (CIPP) and/or other healthcare industry related credentials

Experience Required:

  • 5-10 years' experience
  • Experience with Medicare and Medicaid
  • Health care experience

Experience Desired:

  • An individual with a combination of the following: medical records/health information management background, information systems/technology background; compliance, legal or performance improvement experience

Knowledge, Skills and Abilities Required:

  • Knowledge and experience in information privacy security laws (both Federal and state), access, release of information, and release control technologies

  • An elevated level of integrity and trust
  • Ability to identify issues, problems, and critical factors, and develop methods for corrective action
  • Substantial computer skills required (Microsoft Office at a minimum)
  • Able to communicate clearly, make oral presentations to senior management, and prepare concise detailed written reports
  • Demonstrated organization, facilitation, communication, and presentation skills.
  • Established project management skills
  • Ability to initiate and develop innovative solutions to problems, to identify new opportunities; and have organizational perspective to see how the pieces fit and reflect that perspective in day-to-day decisions.
  • Self-motivation and initiative
  • Creativity in problem resolution is
  • Strong analytical skills - having the ability to identify an issue, conduct an analysis to determine business impact (including gap analysis), troubleshoot and identify
  • Strong project management skills - having the ability to effectively manage multiple priorities simultaneously by maintaining established timeframes, adhering to work plans, and communicating changes
  • Candidate must be able to prioritize work and use independent
  • Ability to initiate and develop new solutions to problems, to identify new opportunities; and have organizational perspective to see how the pieces fit and reflect that perspective in day-to-day decisions.