SR Director, Privacy
2 months ago
Commonwealth Care Alliance
SR Director, Privacy (Remote)
Boston ,
Massachusetts
Apply Now
The Director, Privacy will play a key role in building, operationalizing and sustaining an effective and robust Privacy Program. Reporting to the Chief Privacy Officer, the role will ensure that the organization complies with relevant and applicable privacy laws, regulations, contractual requirements, and standards. The role will be responsible for developing and maintaining privacy-related policies and procedures, training, communications and awareness, monitoring and tracking, investigation, remediation, and corrective action planning documents, processes and protocols for the organization and all of its subsidiaries, affiliates and entities. The role will also ensure that all potential and reported privacy violations are fully investigated, including but not limited to the organizational security breach incident response protocol, partnering closely with Information Security, Legal and others. The role will additionally compile and develop relevant, timely and high-quality privacy reporting (including all relevant metrics) for both internal and external stakeholders, including but not limited to senior leadership, the Board and Audit Committee, and regulatory entities, among others. As part of the broader CCA Risk & Compliance Department and set of integrated GRC programs, the role will also foster and facilitate an organizational culture of openness, trust and transparency in ensuring integrity-based dealings with all internal and external stakeholders.
What You'll Be Doing:
ORGANIZATIONAL DEVELOPMENT OF PRIVACY PROGRAM
Develops and maintains all Privacy policies and procedures, ensuring timely, relevant and high-quality work product
Develops and maintains Privacy training, communications, education and awareness campaigns, plans and materials, ensuring timely, relevant, engaging and high-quality work product
Develops and maintains Privacy monitoring, tracking, reporting, metrics, dashboarding, and auditing programs and protocols, ensuring timely, relevant and high-quality work product, reviews and reports
Develops and maintains Privacy investigation and security/privacy data breach incident response protocols, reports and deliverables, partnering with all relevant cross-organizational areas, including those related to vendors, service providers, third-parties and downstream entities (i.e., both internal and external incidents)
Develops and maintains Privacy and Security-related control remediation and corrective action planning (CAP) protocols and reports, including relevant CAP issuance, guidance and closure
Develops and maintains all Privacy-related vendor, service provider, third-party, downstream entity, and similar oversight controls and protocols, including but not limited to Business Associate Agreements and other contractual reviews, mechanisms and activities
Develops and maintains highly effective and high-quality protocols for all internal and external Privacy reporting, including relevant and timely metrics, for senior leadership, the Board and Audit Committee, and regulatory entities, among others
Develops and maintains highly effective and high-quality protocols for timely and promptly evaluating new Privacy laws, regulations, contractual requirements and standards, and for effectively and proactively guiding and advising all relevant business, operational and clinical areas to adequately operationalize such new requirements, activities and change management protocols
Coordinates privacy activities overseeing the establishment, implementation, and adherence to corporate policies on individual privacy, confidentiality, and release of confidential information
Chair/Co-Chair of the Privacy & Security Compliance Committee
Develops and manages HIPAA project teams, including Privacy Liaisons; serves as a privacy resource for CCA departments and entities
Provides leadership in the planning, design, and evaluation of CCA privacy-related projects
Serves as a liaison to regulatory and accrediting bodies for matters relating to privacy
Responsible for documenting and communicating the progress of the implementation of the HIPAA privacy and security compliance program at CCA including affiliates and related entities
Works with legal counsel, management, operational departments, and committees to ensure CCA has and maintains appropriate confidentiality consent, authorization forms and information notices
Works with the Legal Department to review new or revised healthcare laws and regulations (federal and state) pertaining to individual privacy, and determine whether modifications or revisions of policies and procedures are needed
Provides direction and guidance in special investigations or special projects. Reviews results and recommends actions in coordination with key internal/external stakeholders
Works closely with IT Security, members of the electronic medical record implementation/informatics team, and other information technology personnel to ensure that the organization’s privacy and security protections keep pace with technological advances
Coordinates with management, IT security, and others to assure physical safeguards to guard data integrity, confidentiality, and availability
Coordinates with senior management, operational managers, the Chief Information Security Officer, IT managers, and business support services to provide for a business continuity plan and disaster recovery service. Ensure CCA’s disaster recovery plan addresses relevant information privacy and security issues.
Reviews all system-related information privacy and security plans throughout CCA’s network to ensure alignment between security and privacy practices
Provides concise and timely summaries to senior management of complex and detailed regulatory publications and prepares operational impact statements
Assist in the development of the Compliance and Privacy Workplans through effective identification of privacy-related compliance risks
Facilitates prompt, relevant, timely and high-quality responses to regulatory inquiries, audits and requests for information, either liaising directly with regulators, as warranted and appropriate, or partner with other CCA areas (e.g., CCA Compliance, CCA Legal, CCA Regulatory Audit Management, etc.)
PRIVACY EXPERTISE & RESOURCES
Maintains current knowledge of applicable federal and state privacy and security laws, regulations, contractual requirements and standards, and monitors advancements in information privacy and security technologies to ensure organizational adaptation and compliance
Participates in outside healthcare organizations to keep updated on privacy developments and “best practices”
Maintains regulatory library (“register”) for Privacy & Security laws, regulations and requirements pertaining to the organization
Maintains documentation of Privacy Program
Communicates changes in regulatory issues to senior management and to the appropriate operational managers
COMPLAINTS SYSTEM
Establishes and administers, as appropriate, a corporate process for receiving, documenting, tracking, investigating, and acting on all complaints concerning CCA’s privacy compliance policies and procedures
Responds effectively to incidents and violations to reduce the risks to the organization
Accurately and effectively reports privacy compliance risks and trends to internal stakeholders and through compliance committee governance
TRAINING, EDUCATION, & COMMUNICATION
Oversees the development, delivery, and ongoing improvement of privacy and security compliance training and awareness to include CCA staff and other entities, as required
Develops and implements a system-wide privacy training program and, in conjunction with the security official or other individuals charged with security oversight, a cyber security awareness and training program that includes the following components:
Initial training of all employees related to the privacy program
Privacy training to all members of the workforce, including all employees, volunteers, trainees, and other persons under the direct control of the entity on an unpaid basis, who are not business partners but are likely to have contact with PHI and/or PII
Upon changes in corporate privacy policy or procedure, retraining of directly affected employees
Mandated privacy retraining for all employees at on-boarding and annually thereafter
PRIVACY & SECURITY DISCIPLINE
Works with senior management to develop and consistently apply appropriate discipline for employees who fail to comply with the organization’s privacy and security policies and procedures
In cooperation with Human Resources, the Privacy & Security Officials, administration, and legal counsel, as applicable, ensures consistent application of disciplinary action for failure to comply with privacy and security policies for all individuals in the organization’s workforce, extended workforce, and for all business associates
Coordinates with HR to ensure no intimidating, discriminatory, or other retaliatory actions occur against a person who files, testifies, assists, or participates in any investigation, compliance review, proceeding, or hearing related to a privacy violation, or opposes any unlawful act or practice
CERTIFICATIONS AND AUDITS
Establishes an internal privacy and security compliance audit program to ensure enterprise-wide compliance with CCA privacy and security policies
Works with departmental managers to assure that there is adequate auditing and monitoring of systems’ access and activity and processes in place identify potential privacy and security violations
Directs or conducts independent Privacy reviews and evaluations of all operations and activities to appraise:
Compliance with current regulations of federal, state, and other regulatory bodies
Possible errors and omissions that may violate current or future compliance
Compliance with internal policies, plans or standards which could impact compliance with external regulatory bodies
Cooperates with the Office of Civil Rights (OCR), other regulatory entities, and organization officials in any compliance reviews or investigations.
Participates in the development, implementation, and ongoing compliance monitoring of all business associate agreements, to ensure all privacy concerns, requirements, and responsibilities are addressed
Aids Legal, operational managers and staff during enforcement activities, surveys, and external investigations. Assists in the preparations of required documentation required by external agencies, corrective action plans, and future monitoring or auditing to assure compliance
Maintains communications with external regulatory or review organizations and accrediting agencies to assure proper interpretations of regulations and impacts on operations. Coordinates work with others within the organization that have responsibility for process improvement, accreditation surveys or other regulatory activities
Assist with the development and preparation of corrective action plans, maintain compliance with benchmarks/deadlines and prepare written reports of audits
Prepare and coordinate regulatory filings, as required
What We're Looking For:
Education Required:
Bachelor's Degree or equivalent experience
Privacy & Security certifications such as Certified in Healthcare Privacy Compliance (CHPC), Certified in Healthcare Privacy and Security (CHPS), Certified Information Privacy Professional (CIPP) and/or other Privacy related credentials
Experience Required:
8-10+ years of health insurance Privacy legal and regulatory experience required
6+ years of managerial and leadership experience required
Experience Desired:
An individual with a combination of the following: medical records/health information management background, information systems/technology background; compliance, legal or performance improvement experience
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
Please note employment with CCA is contingent upon acceptable professional references, a background check (including Mass CORI, employment, education, criminal check, and driving record, (if applicable)), an OIG Report and verification of a valid MA/RN license (if applicable). Commonwealth Care Alliance is an equal opportunity employer. Applicants are considered for positions without regard to veteran status, uniformed service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other category protected by applicable federal, state or local laws.
#J-18808-Ljbffr
We have other current jobs related to this field that you can find below
-
Sr Director Internal Audit
1 month ago
Boston, United States Commonwealth Care Alliance Full time**Why This Role is Important to Us:** The Sr. Director of Internal Audit position is a key member of the Commonwealth Care Alliance's Internal Audit team responsible for the successful completion of external regulatory compliance audits including, external regulatory compliance audits. The position advises the Audit and Compliance leadership on key risks,...
-
Sr. Director, Regulatory Affairs
3 weeks ago
Boston, United States The Steely Group Full timeThe Sr. Director, Regulatory Affairs serves as a Health Authority liaison and Regulatory Project Leader for multiple projects in various stages of development. The Sr. Director serves as a strategic regulatory leader for assigned drug development programs and uses extensive knowledge to advise project teams on regulatory requirements to drive successful...
-
Director, Digital Marketing
2 weeks ago
Boston, United States Foundation Medicine Full timeAbout the Job The Director, Digital Marketing & Events is responsible for the development, execution, and measurement of the FMI Clinical organization’s digital marketing and events. As an experienced digital marketer, this individual will have ownership over all of FMI’s clinical digital marketing, leading development and execution of a holistic digital...
-
Sr./Exec Director Of Business Development
2 weeks ago
Boston, United States findojobs.us Full timeSr./Exec Director of Business Development Computation is revolutionizing drug discovery. Advances in bigchemical data, massive computing power, artificial intelligence, andmolecular dynamics simulation are changing the way we develop newdrugs. At 1910 Genetics, we put computation at the heart of drugdiscovery, blending expertise in computational chemistry,...
-
Sr. Program Change Manager
3 months ago
Boston, United States Chewy Full timeOur Opportunity: Chewy is seeking a qualified candidate for the position of Sr. Program Change Manager. At Chewy, weâre changing the veterinary care experience from the ground up! With the launch of our new vet clinics in early 2024, we are looking forâ¯a Sr. Program Change Manager to join our Healthcare Team to lead cross-functional Change...
-
Boston, United States Electronic Search, Inc. Full timeNew Job Opportunity: Sr. Sales Manager-Director of Sales – 7936New Job Opportunity: Sr. Sales Manager-Director of Sales – Boston, MAJob Summary:This position uses strategic sales ability to sell products/services to new and existing customers. The role focuses primarily on defining and implementing sales strategies and plans that will outperform quota...
-
Senior Director, Product Design
1 month ago
Boston, Massachusetts, United States Chewy Full timeChewy strives to be the most trusted and convenient online destination for pet parents (and partners), everywhere. The Chewy Product Design and Research team are a hard-working, collaborative, and fun loving team of designers, researchers and builders, crafting experiences that aim to delight customers (and the community that support them) while...
-
Senior Director, Product Design
1 month ago
Boston, United States Chewy Full timeChewy strives to be the most trusted and convenient online destination for pet parents (and partners), everywhere. The Chewy Product Design and Research team are a hard-working, collaborative, and fun loving team of designers, researchers and builders, crafting experiences that aim to delight customers (and the community that support them) while...
-
Sr. Director of Sales Enablement
3 weeks ago
Boston, United States Standard BioTools Full timeWould you like to join an innovative team driven by a bold vision – unleashing tools to accelerate breakthroughs in human health? It is an extraordinary time for Standard BioTools. Our technology is empowering customers to improve life through comprehensive health insight. We invite you to join a leading provider of indispensable life sciences tools that...
-
Sr. Director of Sales Enablement
4 weeks ago
Boston, United States Standard BioTools Full timeWould you like to join an innovative team driven by a bold vision – unleashing tools to accelerate breakthroughs in human health? It is an extraordinary time for Standard BioTools. Our technology is empowering customers to improve life through comprehensive health insight. We invite you to join a leading provider of indispensable life sciences tools that...
-
Sr. Accounts Payable Specialist
3 months ago
Boston, United States Validity Full timeJob DescriptionJob DescriptionAbout the Role Validity is seeking an experienced and highly motivated professional to serve as its Sr. Accounts Payable Specialist. Reporting to the Sr. Manager - Accounting Operations, the Sr. Accounts Payable Specialist will play a key role in ensuring that all of the Company’s invoices have been reviewed, processed and...
-
Sr. Accounts Payable Specialist
2 months ago
Boston, United States Validity Full timeJob DescriptionJob DescriptionAbout the Role Validity is seeking an experienced and highly motivated professional to serve as its Sr. Accounts Payable Specialist. Reporting to the Sr. Manager - Accounting Operations, the Sr. Accounts Payable Specialist will play a key role in ensuring that all of the Company’s invoices have been reviewed, processed and...
-
Sr System Requirements Engineer
2 months ago
Boston, United States Haemonetics Software Solutions Full timeHaemonetics is committed to the protection of personal data in accordance with applicable laws and regulations. The editor and data controller ofwww.haemonetics.com is Haemonetics Corporation, 125 Summer Street, Boston, Massachusetts, 02110 U.S.A. The global Data Privacy Officer of Haemonetics can be reached at this address. Sr System Requirements Engineer...
-
Senior Principal Test Engineer Rambus
4 weeks ago
Boston, United States Semiconductor Engineering Full timeHome >Jobs > Senior Principal Test Engineer As a Sr. Principal Test Engineer, the candidate will be reporting to Director of Test Engineering and is a Full Time position. Rambus is seeking experienced, process-driven Test Engineers to join our cross-functional team in supporting Memory Interface product development. For additional details and the most recent...
-
Sr. Account Manager
1 month ago
Boston, United States Validity Full timeJob DescriptionJob DescriptionAbout the Role The Sr. Account Manager is responsible for growing revenue from existing customers by nurturing and expanding trusted advisor relationships with customers, gaining a deep understanding of customers’ needs and developing strategic account plans which include compelling business cases mapped to various customer...
-
Sr. Account Manager
3 weeks ago
Boston, United States Validity Full timeJob DescriptionJob DescriptionAbout the Role The Sr. Account Manager is responsible for growing revenue from existing customers by nurturing and expanding trusted advisor relationships with customers, gaining a deep understanding of customers’ needs and developing strategic account plans which include compelling business cases mapped to various customer...
-
Sr. Credit Officer
3 months ago
Boston, United States BritePros Medical Staffing Full time $170,000Sr. Credit Officer – To $170K – Boston, MA – Job # 3191Who We AreThe Symicor Group is a boutique talent acquisition firm based in Lincolnshire, IL & Rockport, TX. Our nationally unique value proposition centers around providing the very best available banking and accounting talent. In fact, most of our recruiters are former bankers or accountants...
-
Remote Sr. Analog Design
2 months ago
Boston, United States Entegee Full timeSr. Analog Design & Layout EngineerRemote; may have to go onsite for 1+ week for integration and testing6-12+ month contractPay Rate: $75+ per hour, based on experience levelUS Citizenship RequiredSummary:Seeking a Sr Analog Design and Layout Engineer with expertise in 28nm technology and memory cell layout for remote work, potentially requiring onsite...
-
Sr. Category Manager
2 months ago
Boston, United States Chewy Full timeOur Opportunity: Chewy is seeking a dynamic and analytical Senior Category Manager to join our growing and fast-paced merchandising team in FL or MA. We have very ambitious plans at Chewy and building our Merchandising teams and businesses are the top priority. Our Sr. Category Managers are passionate entrepreneurial minded contributors that enjoy relevant...
-
Sr. Clinical Trial Associate
1 month ago
Boston, United States Planet Pharma Full timeSR. CLINICAL TRIAL ASSOCIATE / IN-HOUSE CLINICAL RESEARCH ASSOCIATE AT SPONSOR. MUST HAVEStudy Start upSponsor / Biotech (HIGHLY Preferred)TMF spot check Reviewed monitoring reportsTracking documents for review from CROReview of Pharmacy ManualAble to perform preliminary document reviewHighly Organized and "on the ball"Role summaryThe CTA/ iCRA, reporting to...
