This job provides analytical support to various aspects of the enterprise wide Privacy Program, including requirements related to the Protection of Competitively Sensitive Information. Responsible for policy and procedure development , communication, investigation, response and mitigation of privacy incidents; maintaining various databases used for tracking of privacy and security incidents and issues, and workforce training. Perform analysis, provide guidance to business and operational areas, recommend changes to processes, and prepare reports. Responsible for receiving, reviewing and responding to members’ requests for HIPAA individual rights. May be assigned monitoring, auditing and oversight activities and as such would be accountable for meeting project deadlines and deliverables.
- Enterprise wide Privacy Program Facilitation and Implementation
- Collaborate with other members of the team and business owners, and provide experience to identify need for, develop, implement and promote privacy policies, procedures and programs to meet or exceed the privacy compliance requirements of laws and regulations including but not limited to: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and implementing regulations, The Health Information Technology for Economic and Clinical Health Act (HITECH) and implementing regulations, The Centers for Medicare & Medicaid Services Part C and Part D program requirements and other government contract compliance requirements, The Children’s Online Privacy Protection Act (COPPA), The Accountable Care Act , Applicable Federal Trade Commission requirements, Other state and federal privacy laws and regulations, Highmark policy concerning Protection of Competitively Sensitive Information. International and European Union Safe-Harbor requirements for global roll-out to the Company’s international subsidiaries
- .Provide analytical support to risk identification and stratification, which includes monitoring and preparing reports in a proactive fashion.
- Review initiatives, occurrences, documents, etc. for compliance with international, federal and state privacy and security laws, rules and regulations.
- Investigate reported privacy concerns
- Lead and/or support investigations of privacy and security incidents to determine specifics and provide analysis and recommendations for resolution, mitigation and risk mitigation, including allegations of violations of privacy compliance standards by workforce members and external business partners. Assist with required HIPAA Risk Analysis and with execution of any required notice to accounts and individuals.
- Current trend and emerging privacy development
- Monitor current privacy compliance environment, including corporate policies and procedures and other rules and regulations for privacy compliance through trend analysis and risk assessment, taking appropriate steps to improve the program’s effectiveness. Perform risk assessments and support implementation of new or changed requirements
- Privacy and CSI training and education implementation
- Support content development, deployment and tracking of training for employees, managers, members of the boards of directors, and applicable first tier, downstream, and related entities.
- Business owner collaboration and communication. Establish and maintain relationships with business owners in a variety of departments and subsidiaries within Highmark. Work closely with business owners throughout the enterprise to collaborate on key privacy and information management initiatives such as training, communication and risk management. Participate in audits and cross-functional projects of various sizes and levels of complexity; serves as Privacy subject matter expert.
- Provide technical assistance as required. Demonstrate and apply a thorough understanding of Highmark’s complex business processes and environment. Demonstrate and apply strong project management skills, inspire teamwork and responsibility with team members, and use current technology and tools to enhance the effectiveness of deliverables. Basic to advanced understanding of regulatory environment.
- Other duties as assigned or requested.
- Equivalent work experience
- Bachelor's Degree or J.D.
- CIPP (Certified Information Privacy Professional) certification within 1 year of appointment
- 5-10 years of relevant, progressive experience in the area of specialization.
- Basic to advanced understanding of information management and privacy, as well as business and operational knowledge of Highmark and/or Insurance/healthcare industry
- Excellent oral, written, presentation, solid decision making abilities, and analytical skills to review and articulate privacy compliance objectives and applicable guidance and regulations
- Strong interpersonal skills; must be able to effectively resolve privacy issues and concerns. Strong analytical and problem solving skills, sound professional judgment, business knowledge, and business acumen. Strong organizational and project management skills. Accountability for management of multiple projects with stringent and often overlapping deadlines involving several cross-functional areas. The incumbent interacts routinely with personnel within and outside of Highmark and must possess a positive, professional, and credible demeanor. The utmost integrity in the discreet and confidential handling of confidential materials is expected. Possess the ability to assess operational functions and related reports to ensure compliance with applicable operational guidance and regulations.
- Implementation and project deadline coordination must be routinely monitored for potential internal and external risks and reported to management. A constant balance between strict project deadlines, corporate initiatives and daily priorities must be maintained with critical attention to ensure success in compliance with all applicable requirements.
- Must be flexible and able to handle aggressive deadlines along with evolving priorities
SCOPE OF RESPONSIBILITY
Does this role supervise/manage other employees?
Is Travel Required?
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/ProtectedVeterans/Disabled/Sexual Orientation/Gender Identity (http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf)
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.
For accommodation requests, please call HR Services at 844-242-HR4U or visit HR Services Online at HRServices@highmarkhealth.org