Skip To Content
Laptop
J198044

Senior Privacy Analyst - (Remote)

Highmark Wholecare

  • Company April 2022 Ed (1)
  • Home, PA
  • Legal
  • Full time

Company :

Gateway Health Plan

Job Description : 

JOB SUMMARY


This job provides analytical support to various aspects of the enterprise wide Privacy Program, including requirements related to the Protection of Competitively Sensitive Information. Responsible for policy and procedure development , communication, investigation, response and mitigation of privacy incidents; maintaining various databases used for tracking of privacy and security incidents and issues,  and workforce training. Perform analysis, provide guidance to business and operational areas, recommend changes to processes, and prepare reports. Responsible for receiving, reviewing and responding to members’ requests for HIPAA individual rights. May be assigned monitoring, auditing and oversight activities and as such would be accountable for meeting project deadlines and deliverables.

ESSENTIAL RESPONSIBILITIES

  • Enterprise wide Privacy Program Facilitation and Implementation for Gateway Health.
  • Collaborate with other members of the team and business owners, and provide experience to identify need for, develop, implement and promote privacy policies, procedures and programs to meet or exceed the privacy compliance requirements of laws and regulations including but not limited to: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and implementing regulations, The Health Information Technology for Economic and Clinical Health Act (HITECH) and implementing regulations, The Centers for Medicare & Medicaid Services Part C and Part D program requirements and other government contract compliance requirements, The Children’s Online Privacy Protection Act (COPPA), The Accountable Care Act , Applicable Federal Trade Commission requirements,  Other state and federal privacy laws and regulations,  Gateway policy concerning  Protection of Competitively Sensitive Information. International and European Union Safe-Harbor requirements for global roll-out to the Company’s international subsidiaries
  • .Provide analytical support to risk identification and stratification, which includes monitoring and preparing reports in a proactive fashion.
  • Review initiatives, occurrences, documents, etc. for compliance with international, federal and state privacy and security laws, rules and regulations.
  • Investigate reported privacy  concerns
  •  Lead and/or support investigations of privacy and security incidents to determine specifics and provide analysis and recommendations for resolution, mitigation and risk mitigation, including allegations of violations of privacy  compliance standards by workforce members and external business partners. Assist with required HIPAA Risk Analysis and with execution of any required notice to accounts and individuals.
  • Current trend and emerging privacy  development
  • Monitor current privacy compliance environment, including corporate policies and procedures and other rules and regulations for privacy compliance through trend analysis and risk assessment, taking appropriate steps to improve the program’s effectiveness.  Perform risk assessments and support implementation of new or changed requirements
  • Privacy and CSI training and education implementation
  • Support content development, deployment and tracking of training for employees, managers, members of the boards of directors, and applicable first tier, downstream, and related entities.
  • Business owner collaboration and communication. Establish and maintain relationships with business owners in a variety of departments within Gateway. Work closely with business owners throughout the enterprise to collaborate on key privacy and information management initiatives such as training, communication and risk management. Participate in audits and cross-functional projects of various sizes and levels of complexity; serves as Privacy subject matter expert.
  • Provide technical assistance as required. Demonstrate and apply a thorough understanding of Gateway's complex business processes and environment. Demonstrate and apply strong project management skills, inspire teamwork and responsibility with team members, and use current technology and tools to enhance the effectiveness of deliverables. Basic to advanced understanding of regulatory environment.
  • Other duties as assigned or requested.

EDUCATION
 

Minimum

  • Associate's Degree

Substitution

  • Equivalent work experience

Preferred

  • Bachelor's Degree or J.D.

LICENSES/CERTIFICATIONS

Required

  • CIPP (Certified Information Privacy Professional) certification within 1 year of appointment

Preferred

  • None

EXPERIENCE

Required

  • 5-10 years of relevant, progressive experience in the area of specialization.

Preferred

  • None

SKILLS

  • Basic to advanced understanding of information management and privacy, as well as business and operational knowledge of Gateway and/or Insurance/healthcare industry 
  • Excellent oral, written, presentation, solid decision making abilities, and analytical skills to review and articulate privacy compliance objectives and applicable guidance and regulations 
  • Strong interpersonal skills; must be able to effectively resolve privacy issues and concerns.  Strong analytical and problem solving skills, sound professional judgment, business knowledge, and business acumen. Strong organizational and project management skills. Accountability for management of multiple projects with stringent and often overlapping deadlines involving several cross-functional areas. The incumbent interacts routinely with personnel within and outside of Gateway and must possess a positive, professional, and credible demeanor.  The utmost integrity in the discreet and confidential handling of confidential materials is expected. Possess the ability to assess operational functions and related reports to ensure compliance with applicable operational guidance and regulations. 
  • Implementation and project deadline coordination must be routinely monitored for potential internal and external risks and reported to management. A constant balance between strict project deadlines, corporate initiatives and daily priorities must be maintained with critical attention to ensure success in compliance with all applicable requirements. 
  • Must be flexible and able to handle aggressive deadlines along with evolving priorities

Language (Other than English):

None

Travel Requirement:

0% - 25%

PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS

Position Type

Office-based

Teaches / trains others regularly

Occasionally

Travel regularly from the office to various work sites or from site-to-site

Never

Works primarily out-of-the office selling products/services (sales employees)

Never

Physical work site required

Yes

Lifting: up to 10 pounds

Constantly

Lifting: 10 to 25 pounds

Never

Lifting: 25 to 50 pounds

Never

Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.

Compliance Requirement : This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.
 

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability. 

EEO is The Law

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf )

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.

For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org

California Consumer Privacy Act Employees, Contractors, and Applicants Notice


Thumbnail Join Talent Community@2X

Connect with a career that’s right for you.

Introduce yourself and we'll get in touch monthly to share career insights and company news.

Join Our Talent Community