Senior Director of Privacy
Newly Created Position
Hours: 8a-5p Days - Full-time
Paygrade/Wages/Salary Info: 27A -

Job Summary
Oversees all ongoing activities across the system related to the development, implementation, maintenance of, and adherence to the organization's policies and procedures covering the privacy of, disclosure of and access to, patient health information in compliance with federal and state laws and the healthcare organization's information privacy practices.

Job Responsibilities
Builds a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and procedures that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of protected health information (PHI); ensure privacy forms, notices, policies, standards and procedures are up to date. Works with organization senior management, Chief Information Security Officer, Chief Information Officer and the Chief Compliance Officer to establish a system-wide Privacy Oversight Committee and serve in a leadership role for the Privacy Oversight Committee's activities. Serves in a leadership role for privacy compliance. Assists Chief Compliance Officer with compliance activities and investigations as requested. Works with a high level of confidentiality. Prepares written reports of findings and recommendations for corrective action. Interacts with all levels of team members and coordinates with others to implement corrective action and resolve issues/concerns. Develops and carries out/oversees ongoing monitoring plans based on findings and identified risk. Participates on various compliance committees, subcommittees, and workgroups. Collaborates with the Chief Information Security Officer and Chief Information Officer to ensure alignment between security and privacy programs including policies, practices and investigations. Performs or oversees initial and periodic information privacy risk assessment/analysis, mitigation and remediation.
Conducts related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions. Reviews role-based access controls; oversees audits of access to Protected Health Information (PHI); recommends appropriate action necessary as a result of audit activities. Takes a lead role to ensure the organization has and maintains appropriate privacy and confidentiality consents, authorization forms and information notices and materials reflecting current organization and legal practices and requirements. Oversees, develops and delivers initial and ongoing privacy training to the workforce. Participates in the development, implementation and ongoing compliance monitoring of all business associates and business associate agreements to ensure all privacy concerns, requirements and responsibilities are addressed. Works cooperatively with the Health Information Management (HIM) Director and other applicable organization units in overseeing patient rights to inspect, amend and restrict access to PHI when appropriate. Establishes, with management and operations, a mechanism to track access to protected health information, within the purview of the organization and as required by law and to allow qualified individuals to review or receive a report on such activity. Establishes and administers a process for receiving, documenting, tracking, investigating, and taking action on all complaints concerning the organization's privacy policies and procedures in coordination and collaboration with other similar functions and, when necessary, legal counsel. Manages all required breach determination and notification processes under HIPAA and applicable state breach laws and requirements, in coordination with the HIPAA Security Director, as applicable. Establishes and administers a process for investigating and acting on privacy complaints. Performs required breach risk assessment, documentation and mitigation.
Works with Human Resources to ensure consistent application of sanctions for privacy violations. Initiates, facilitates and promotes activities to foster privacy awareness within the organization and related entities. Maintains current knowledge of applicable federal and state privacy laws and accreditation standards. Works with organization administration, legal counsel and other related parties to represent the organization's privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulation or standard. Cooperates with the U.S. Department of Health and Human Services' Office for Civil Rights, State regulators and/or other legal entities in any compliance reviews or investigations. Serves as the privacy resource to the organization regarding release of information and to all entities and departments for all privacy-related issues.

Qualifications
Bachelor's degree or higher in healthcare related field required upon hire AND Master's degree or higher in healthcare related field required within 2 years of employment in this position
A combination of education, training and experience may be considered in lieu of degree.
A minimum of 5 years' relevant experience required
CHPC - Certified in Healthcare Privacy Compliance required within 12 months of employment in this position

Skills and Attributes
Requires critical thinking skills and decisive judgment. Works under minimal supervision. Must be able to work in a stressful environment and take appropriate action.

Physical Demands
Standing: Occasionally
Walking: Occasionally
Sitting: Frequently
Lifting 0-25 lbs: Rarely
Lifting 25-75 lbs: Never
Lifting over 75 lbs: Never
Carrying 0-25 lbs: Rarely
Carrying 25-75 lbs: Never
Carrying over 75 lbs: Never
Pushing/Pulling 0-25 lbs: Rarely
Pushing/Pulling 25-75 lbs: Never
Pushing/Pulling over 75 lbs: Never
Climbing: Rarely
Bending/Stooping: Rarely
Kneeling: Rarely
Crouching/Crawling: Rarely
Reaching: Occasionally
Talking: Frequently
Hearing: Occasionally
Repetitive Foot/Leg Movements: Never
Repetitive Hand/Arm Movements: Frequently
Keyboard Data Entry: Frequently
Running: Never
Vision: Depth Perception: Frequently
Vision: Distinguish Color: Frequently
Vision: Seeing Far: Frequently
Vision: Seeing Near: Frequently

Owensboro Health Core Commitments
INTEGRITY - We conduct ourselves with a high level of responsibility, reliability and honesty because we take seriously the trust of our patients and coworkers.
RESPECT - We value and accept the unique talents and contributions of every patient, customer and team member in the Owensboro Health community.
TEAMWORK - We build a spirit of connectivity and fellowship by striving together to overcome obstacles, surpass goals, celebrate accomplishments and plan the future.
INNOVATION - We foster original ideas and creative solutions that improve our daily work and promote the mission of Owensboro Health.
SERVICE - We focus on service to patients, customers and team members by anticipating their needs, thoughtfully meeting those needs and continually improving the quality of everything we do.
EXCELLENCE - We reach beyond basic expectations to expand our knowledge and awareness, produce exceptional work and provide outstanding service.