Director of Privacy and ROI

VIA Health Partners is an industry leader and top-10 nationally ranked provider of end-of-life care.  More importantly we are proud to be a community based, not for profit hospice & palliative care provider.  We have deep community roots, with decades of experience serving ALL patients’ and families’ needs regardless of their ability to pay or their medical complexity. We are a people first organization whose funds go to serve our mission.

Due to our significant growth, we are looking for amazing new staff who share these same values. Apply now and be a part of our success story.

We provide excellent benefits including:

• Medical, Vision, and Dental plans through BCBS
• 28 days of Paid Time Off
• Excellent mileage reimbursement rate 
• 403b Retirement plan with matching
• Focused programs honoring Veteran patients
• Assistance with achieving Certified Hospice & Palliative Nurse (CHPN)
• Best Orientation and Onboarding program you’ve experienced
• Seasoned Hospice leaders guiding your career growth

Essential Functions

• Identified role of Privacy Officer—to lead the organization’s HIPAA privacy program through policy and procedure development, risk assessments, audits, and training in coordination with leadership and HIPAA Security Officer
• Responsible for all HIPAA patient rights, safeguards, and regulatory allowances, including but not limited to: patient access requests, amendment requests, accounting of disclosure issues, and disclosure disputes, escalating to leadership, legal where interpretation of law or organizational risk is involved
• Responsible for all disclosures and management of ROI procedures across all branches and service lines. This includes both reviewing and validating documentation supporting authority to request, receive or authorize disclosure of PHI.  Act as Subject Matter Expert for all related legal documentation such as HCPOA, guardianships, executorship, letters of administration, and other personal representative documentation as covered under HIPAA or applicable state law.
• Responsible for intake, review, and response to subpoenas, attorney letters, disability and insurance requests, government inquiries, and other third party legal or quasi legal demands for records.  Coordinate with leadership on complex legal requests including requested tied to litigation, law enforcement, disputed family/representative status, etc.
• Maintain complete, audit-ready documentation of all requests, legal basis for disclosure, approvals, denials, redactions, deadlines, and final release actions. This includes responsibility for accounting disclosures, patient access processes, and documentation of investigations and program activity.
• Partner with Compliance, HIM, CIO, Security, Clinical Software, IT and Operations to support policy administration, risk reduction, and technology modernization, including review of AI-enabled or automated workflows that may affect PHI, disclosure practices, or documentation integrity. This includes oversight of privacy impact, AI-related risk, and process controls around digital tools, especially when PHI or clinical documentation is involved.
• Serve as an operational subject matter resource to branch/site teams on lawful release practices, authorization sufficiency, representative documentation, and documentation retention requirements. HIPAA and HIM roles in health systems commonly include staff education and policy support
• Assist compliance and HIM with all audit response activities, ADR/CERT requests, or other Medicare/Medicaid/Third Party request for records as part of medical review and program integrity, or other internal compliance reviews as party of survey readiness
• Review, revise, and maintain inventory of all HIPAA related forms, letters, templates, and related procedures and job aids, (i.e. release of information authorization form, Notice of Privacy Practice, coversheets and templates for responses
• Coordinate with branch level leadership, Business Office Managers, social workers, and HIM for development of SOP for identified low risk, high volume requests for letters, forms containing PHI and requiring authorization.
• Responsible for all medical record retention, storage, and destruction and all associated documentation
• Customer Service
  • Has knowledge of and implements VIA’s  Core Values, the principles, and processes for providing customer and personal services to all VIA customers, both internal and external. This includes customer needs assessment, meeting quality standards for services, and evaluation of customer satisfaction.
•  Assumes responsibility for related duties as required or assigned.
  • Ensures that VIA’s professional reputation is maintained and projected through job performance.
  • Assumes responsibility for professional development and staying abreast of current trends in the field.  Incorporates new information and methods into practice. 
  • Maintains current professional licensure or certification (if applicable).
• May perform other duties as assigned.

Minimum Qualifications

• Bachelor’s degree in Health Information Management, Healthcare Administration, Public Health, Business, Legal Studies, or related field
• Minimum of 5 years or progressively responsible experience in at least one of the following: privacy/compliance operations, release of information, HIM, healthcare paralegal work or healthcare regulatory operations
• Working knowledge of HIPAA Privacy Rule, personal representative standards, and healthcare record confidentiality requirements.
• Experience using EHR/EMR systems, document management systems, disclosure logs, and Microsoft Office tools.

Preferred

• Certification in healthcare privacy/HIPAA/HIM compliance  (HPOC, CHPS, CHPSE, RHIT, RHIA, CHC, CHPC) 
• Prior experience in healthcare legal operations, record subpoena processing, privacy operations, and legal document review
• Experience supporting privacy review of digital-health, telehealth, analytics, or AI tools 
• Hospice, palliative, home health, or post-acute experience