Address
Form of workDescription
AIM OF THE POSITION
The Sr. Privacy Specialist will be responsible for the implementation and facilitation of ongoing privacy, compliance, auditing, monitoring, and education activities as indicated by Agendia. This position will provide support, guidance, and perform a variety of duties centered on ensuring compliance with applicable governmental laws and regulations, the Health Insurance Portability and Accountability Act (HIPAA) regulations, the General Data Privacy Regulation (GDPR), internal policies and procedures, and contractual obligations. Remain knowledgeable of current legislation and changes in the regulatory environment.
POSITION WITHIN THE ORGANIZATION
1. Reports to Sr. VP, Compliance
2. Cooperates with IT, Finance, Human Resources, Operations and other key functions
3. Participates in:
- Department meetings
- Project meetings
Risk assessments and audits
Requirements
ESSENTIAL DUTIES AND RESPONSIBILITIES
Develop and maintain a comprehensive privacy program compliant with all applicable laws and regulations, which minimizes risk and ensures the confidentiality of Protected Health Information (PHI) and Personally Identifiable Information (PII).
Development of employee privacy training within the organization's learning management system, including adding and updating individual employee requirements as needed.
Assist with documentation of employee new hire training requirements and conduct monitoring to ensure all new employees have completed required courses.
Assist in development and distribution of newsletter communications and policies and procedures. Lead privacy risk assessment, work plan, monitoring, auditing, and mitigation activities.
Investigate and document incidents of unauthorized access, use and/or disclosures of PHI and PII and ensure that appropriate remediation is completed.
Maintain tracking systems for privacy-related investigations.
Initiate, facilitate, and promote activities to foster privacy awareness across the organization.
Evaluate and monitor privacy practices of third-party vendors to ensure compliance with HIPAA, GDPR and other applicable requirements.
Act as a resource for privacy-related inquiries and provide guidance to staff at all levels.
Work in conjunction with Human Resources to ensure that disciplinary actions for privacy violations are consistent.
Work in conjunction with the Compliance Team, to ensure the success of program goals and strategic initiatives.
Other projects and duties as assigned.
The above listing represents the general duties considered essential functions of the job and is not to be considered a detailed description of all the work requirements that may be inherent in the position.
EDUCATION AND EXPERIENCE REQUIREMENTS
EDUCATION
Minimum Bachelor's Degree
EXPERIENCE
Minimum of 3-5 years of experience with healthcare compliance and privacy, including how programs are developed, communicated and managed, is preferred.
Certification in Health Care Privacy Compliance (CHPC) or equivalent.
Comfortable presenting to large groups of individuals and to senior management.
Experience with cross-functional teams and demonstrated ability to partner effectively with individuals at all levels of the organization to address complex compliance and operational issues.
Experience with OneTrust, data processing agreements, data mapping and data privacy impact assessments.
Experience in diagnostic or medical device industry a plus
KNOWLEDGE, SKILLS AND ABILITIES (KSA'S)
Specific Knowledge Required:
Ability to set priorities and adapt to changing business needs and manage multiple projects within established time frames.
Ability to clearly and effectively communicate complex issues and concepts orally and in writing.
Working knowledge of healthcare federal and state laws and regulations, including HIPAA, GDPR, CCPA, CPRA, Stark Law, Federal Anti-Kickback Statute, and industry association guidance on HCP interactions is preferred.
Advanced computer skills, including MS Office Suite, excellent report writing, analytical, and project management skills with a good attention to detail.
Experience in the development, initiation, maintenance, and revision of policies and procedures for the general operation of a compliance program and its related activities to prevent illegal, unethical, or improper conduct
Experience evaluating and auditing compliance matters to identify operational issues and recommend and implement strategies to resolve compliance problems
Strong project management skills, to include managing and prioritizing multiple concurrent projects, and reporting progress and risks to colleagues and senior management
Demonstrated ability to advise and collaborate with management on compliance issues, facilitating risk assessment and developing practical business solutions
Training and presentation experience in various settings including live audience and remote presentations via Teams, Ring Central, GoToMeeting, etc.
BEHAVIOURAL COMPETENCIES/DESIRED SKILLS
o Self-Starter
o Ability to work independently and prioritize personal workload
o Self-organization
o Excellent communication skills
o Perform multiple tasks under minimum supervision
o Can do-attitude; enables change
WORKING ENVIRONMENT
Establishes ADA (Americans with Disabilities Act) requirements
ENVIRONMENT/SAFETY/WORK CONDITIONS
Working conditions (inside or outside the office)
General office environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Maintains a clean, neat, and orderly work area.
Adheres to Department Specific Safety Guidelines.
Standing, sitting, walking, bending, reaching, manual manipulation, and lifting up to 15 pounds.
PRIVACY NOTICE: To review the California privacy notice, click here: https://agendia.com/privacy-policy/
TRAVEL
o Ability to drive/fly routinely internationally and domestically for up to 15%
OTHER DUTIES
Other duties as required by management
