Senior Privacy Analyst

The Senior Privacy Analyst is responsible for triaging and responding to privacy incidents and inquiries in accordance with all applicable federal (HIPAA) and state privacy laws in support of Collective Health’s Privacy Program.

Reporting to the Senior Manager, this position will act as a trusted privacy resource and ensure the timely and accurate handling of privacy incidents and inquiries. 

• Manage privacy incidents, including breaches, involving protected health information (PHI).
  • Review all facets of a privacy incident to understand causation and responsibility including the review of audit or other technical logs.
  • Document all aspects of the privacy incident review/investigation.
  • Apply privacy laws to each incident to assist in making breach determinations.
  • Work across teams to implement appropriate training and/or corrective actions to prevent re-occurence.
• Manage and trend privacy inquiries submitted by internal partners.
  • Research and review privacy inquiries.
  • Document inquiries in appropriate systems.
  • Develop and maintain processes to track and trend inquiries.
  • Exercise judgment to determine appropriate actions (e.g., identifying issues that require the input of other Privacy Team members and taking steps to escalate these matters appropriately).  
• Responsible for assisting with any third-party, privacy-based inquiries, audits or investigations.
  • Review of audit trails or logs.
  • Documentation of audit/investigative efforts.
  • Produce reports to assist with audits/investigations.
• Responsible for assisting the Privacy Officer, Privacy Counsel and Senior Privacy Manager with operational aspects of the Privacy Program including:
  
  • Drafting, review and maintenance of policies and procedures.  
  • Creation and maintenance of trainings. 
  • Implementation of system-wide privacy projects/programs.

• 3+ years experience working in healthcare.
• 3-5 years experience serving in a role supporting a HIPAA-based privacy program.
• 1-3 years experience with using access management/monitoring systems (i.e., Imprivata or Protenus (required)), including managing ensuing privacy investigations.  
• Knowledge of privacy laws and regulations, including HIPAA
• Outstanding judgment
• Ability to work both independently and as part of multidisciplinary teams.

This job can be performed in a location where we have an office: Lehi, UT, or Plano, TX, with the expectation of being in office at least two weekdays per week, or hired for remote work in the following states: AZ, CA, CO, CT, FL, GA, IL, MD, MA, MI, MN, NV, NJ, NY, NC, OH, OR, TN, TX, UT, VA, WA, or WI.

The actual pay rate offered within the range will depend on factors including geographic location, qualifications, experience, and internal equity. In addition to the salary, you will be eligible for stock options and benefits like health insurance, 401k, and paid time off. Learn more about our benefits at https://jobs.collectivehealth.com/benefits/.