The Privacy Analyst supports the activities of Alliance’s privacy program in developing and maintaining policies, procedures, and practices designed to ensure compliance with all State healthcare program requirements and Federal and State Privacy rules and standards.

This position will allow the successful candidate to work a hybrid schedule. Two days a week working onsite is required.

 Responsibilities & Duties

Investigate Privacy and Confidentiality Incidents and Breaches

Assist Director of Privacy/Security and Privacy Analyst II with investigating, tracking, and resolving incidents and breaches Communicate with staff and management as appropriate to collect all facts necessary for a thorough risk assessment and investigation Utilize various investigative techniques, including investigative and administrative interviews, evidence collection, and regulatory research Document investigative actions and findings in Compliance360 Develop audit and monitoring tools, as needed, to assist with investigations Maintain high levels of confidentiality and integrity at all times Provide notification of breaches to members within specified timeframes and under the guidance of the Director or Privacy Analyst II

 Document and Provide Technical Assistance to Providers in Alliance Network

Document privacy and confidentiality complaints in appropriate system Utilize standard responses or consult with Privacy Analyst II or Director to develop provider notifications Notify provider(s) in writing of the potential violation, monitor, and follow up with the provider regarding any required compliance steps such as risk assessments, mitigation efforts, notification of affected individuals, and submission of reports to the Department or the US Department of Health and Human Services, Office of Civil Rights

Conduct Privacy Audits

Conduct recurring and/or ad hoc privacy audits Develop audit protocol and audit tools as necessary Perform detailed review of audited files, collect data, and document findings Prepare audit reports, propose remediation, and submit to Director for review and approval Monitor effective implementation of remediation plans Disable workforce access at employment termination

Monitor Business Associates and Delegated Vendors

Monitor Alliance business associates’ and delegated vendors’ compliance with HIPAA Utilize Compliance360 to enter business associate information and send questionnaires Prepare report for review by the Director and Information Security Steering Committee Conduct follow up as needed

HIPAA/Confidentiality Training

Assist Director and Privacy Analyst II in developing and disseminating annual and ad hoc HIPAA and Confidentiality training to employees Conduct New Employee Orientation HIPAA and Confidentiality training bi-weekly or as assigned by the Director Track post-test scores and ensure employees receive retraining when failing a post-test

Minimum Requirements

Education & Experience

Associate’s degree preferably in healthcare, public or business administration, social science or related field and five (5) years of experience in healthcare privacy compliance, regulatory analysis, auditing, investigating; or equivalent combination of education and experience

OR

Bachelor’s degree from an accredited college or university preferably in healthcare, public or business administration, social science or related field and three (3) years of experience in healthcare privacy compliance, regulatory analysis, auditing, investigating.

Must have demonstrated knowledge and experience in HIPAA privacy regulation and conducting/managing audits or investigations. 

CLEAR certification required within one (1) year of employment.

Preferred: Knowledge of NC General Statutes, 42 CFR Part 2, and certified in Healthcare Privacy Compliance (CHPC) or similar certification. 

Knowledge, Skills, & Abilities

Knowledgeable with Microsoft Office Suite Ability to maintain confidentiality Provide exceptional customer service Ability to develop applicable policies and procedures Self-starter with ability to meet strict deadlines Excellent organizational skills and attention to detail Knowledge of HIPAA, state and federal guidelines on privacy, and security Interpersonal skills and demonstrated ability to work with diverse functional areas within and outside the organization. Experience investigating and resolving incidents involving protected health information Staff training specific to privacy and confidentiality Ability to develop automated audit tools, databases and tracking tools desired Ability to communicate effectively both verbally and in writing

Salary Range

$58,480 - $66,521/Annually

Exact compensation will be determined based on the candidate's education, experience, external market data and consideration of internal equity. 

 An excellent fringe benefit package accompanies the salary, which includes:   

Medical, Dental, Vision, Life, Long Term Disability Generous retirement savings plan Flexible work schedules including hybrid/remote options Paid time off including vacation, sick leave, holiday, management leave Dress flexibility