Job Description :
This job is responsible for development and execution of the activities associated with the Privacy and Data Ethics Team of Highmark Health, AHN, HMHS, Highmark Inc., and all of its other affiliated entities. The Team is accountable for privacy, data ethics and data governance, data strategy, regulatory compliance, associated risk management, and data sharing matters within the enterprise.
- Ensure timely and accurate delivery of legal advice and counsel on all privacy and data ethics matters to ensure compliance with applicable legal and regulatory requirements, including negotiation and drafting of client contracts and subcontracts, as well as review and interpretation of related legislative activity impacting enterprise services, offerings and initiatives.
- Assume primary accountability and set strategic direction for the sustainability and effectiveness of the enterprise-wide data governance program.
- Oversee security incident and privacy breach response planning, as well as execution of the Privacy Incident Response Team (IRT) bringing together representatives from Legal, Enterprise Risk and Governance, Corporate Communications, Physical Security, Information Security, Safety and other affected business units from across the enterprise. Manage the escalation of security events.
- Ensure through enterprise-wide training and retraining initiatives that behavior within the enterprise complies with the enterprise’s privacy and security policies and procedures and all relevant privacy laws and regulations (state, federal and international), ethical guidelines, accreditation mandates and industry standards.
- Oversee safeguarding and disclosure policies concerning Confidential Information (i.e. protected health information belonging to members and patients, proprietary data, human resources information, financial data, competitively sensitive information (CSI), group account, and provider information) of Highmark Health and its subsidiaries and affiliates.
- Serve as enterprise data ethics officer to ensure ethical principles and considerations are embedded at every state of the enterprise data supply chain; including product, research, service, and digital data delivery.
- Assess new strategic initiatives and proposed contractual relationships to ascertain privacy and data ethics impacts upon the enterprise, and provide strategic guidance to corporate officers regarding Highmark Health’s information resources and technology, and compliance with privacy and data ethics policies.
- Ensure that executive management and the Board of Directors are informed of any significant privacy and data sharing deficiencies, concerns and incidents that would have any direct or indirect effect on the company. Actively participate in executive-level committees to address privacy, data ethics, data strategy, risk management, data governance and information management issues that may impact the enterprise
- Perform management responsibilities including, but not limited to: involved in hiring and termination decisions, coaching and development, rewards and recognition, performance management and staff productivity. Plan, organize, staff, direct and control the day-to-day operations of the team; and develop and implement policies and programs as necessary.
- Other duties as assigned or requested.
- 10 years in Privacy or Regulatory and Compliance experience
- 10 years in Legal
- 7 years in a management role
- Experience with a healthcare insurer or healthcare provider
LICENSES AND CERTIFICATIONS
- Data Privacy
- Privacy Breach Case Tracking System
- Legal Analysis
- Healthcare Information Technology
- Regulatory Compliance
- Training Delivery
- Strategic Planning
- Strategic Communications
- Strategic Partnerships
Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.
Compliance Requirement: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy.
Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/ProtectedVeterans/Disabled/Sexual Orientation/Gender Identity (http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf)
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and Applicants Notice