Overview Working with the Privacy Office team and under the direction of the Privacy Manager, helps drive compliance with federal and state privacy regulations, including HIPAA privacy. Monitors, analyzes, investigates and reports on information privacy compliance. This position is eligible for benefits! Some of the benefits we offer at Fairview include medical insurance - as low as $0, dental insurance - also a $0 option, PTO (24 days per year starting), and a 403B with up to a 6% employer match; visit www.fairview.org/benefits to learn more and get all the details. Responsibilities Job Description Incident Response · Serves as intake for patient and staff reports of information privacy incidents and concerns · Prevents, detects and responds to information privacy concerns and incidents · Coordinates any necessary investigations, mitigation, sanctions and other corrective action with appropriate workforce members including human resources, management and information technology · Assists with the development of risk assessments and breach notifications, when required, and within regulatory timeframes (e.g., notifications to individuals and the Secretary). · Maintains incident documentation in compliance with regulatory requirements for all information privacy complaints or concerns. Reporting and Metrics · Accurately enters data for tracking and reporting purposes · Assists in the ability to track, locate and report on information documented. Auditing and Monitoring · Conducts routine and targeted audits of electronic protected health information to identify inappropriate or unauthorized access and/or disclosure. · Conducts periodic site or risk area privacy audits to identify and mitigate risks to information privacy compliance. Training and Awareness · Enhances privacy training and education by assisting with the development, maintenance, and delivery of information privacy training and guidance materials · Delivers in-person and/or virtual privacy training sessions as needed Consultation and Guidance · Serves as a Fairview-wide resource to answer questions regarding health information privacy by responding to phone, email, and other inquiries from patients, staff, and providers · Participates in special interest group meetings as related to privacy Risk Assessment · In conjunction with the Privacy Office team, identify and assess privacy risks · Assists in the development and implementation of programmatic projects and/or topic management (e.g., business associate, data loss prevention, privacy partnership strengthening and new clinic orientation) Policies and Procedures · Identifies and confirms the need for policymaking in response to incidents, new laws and business changes Organization Expectations, as applicable: Demonstrates ability to provide care or service adjusting approaches to reflect developmental level and cultural differences of population served Partners with patient care giver in care/decision making. Communicates in a respective manner. Ensures a safe, secure environment. Individualizes plan of care to meet patient needs. Modifies clinical interventions based on population served. Provides patient education based on as assessment of learning needs of patient/care giver. Fulfills all organizational requirements Completes all required learning relevant to the role Complies with and maintains knowledge of all relevant laws, regulation, policies, procedures and standards. Fosters a culture of improvement, efficiency and innovative thinking. Performs other duties as assigned Qualifications Required Qualifications · Bachelor’s degree in Business Administration, Health Information Management, healthcare or related area. Or Associate’s degree with four or more years of related healthcare experience. · One year of experience in a health care or legal setting or in an administrative professional role. Preferred Qualifications · Bachelor’s Degree · Two years HIPAA privacy and/or security experience in a healthcare environment Certified in healthcare privacy and security (CHPS); certified information privacy professional (CIPP); or registered health information administrator or technician (RHIA or RHIT) Additional Requirements (must be obtained or completed within a period of time): Experience with Microsoft Office tools. EEO Statement EEO/AA Employer/Vet/Disabled: All qualified applicants will receive consideration without regard to any lawfully protected status