Information Privacy Analyst Senior

We are currently seeking an Information Privacy Analyst Senior to join our team. This full-time role will work days (hybrid : ability to be on site approximately weekly is expected).

If you want to know about the requirements for this role, read on for all the relevant information.

Purpose of this position : Under the direction of the Information Privacy Director, the Information Privacy Analyst Senior develops, maintains, and performs activities in support of effective privacy and data practices programs.

Primary responsibilities include assisting with privacy program development and maintenance, supporting compliance with requests for data under the Minnesota Government Data Practices Act, conducting investigations, performing auditing and monitoring functions, and conducting education and outreach activities.

Subject matter areas of expertise include, but are not limited to, HIPAA, state and federal privacy laws and regulations, and data practices laws.

RESPONSIBILITIES :

• As a data practices designee, ensures timely responses to government data practices requests, including searching for, retrieving, reviewing, and redacting data, and providing timely responses to requester inquiries regarding the status of requests.
• Assists in the administration of the data practices compliance program.
• Provides guidance to leadership and Business Partners about timely response for requests for government data.
• Writes and updates organizational policies and procedures for the data practices compliance program.
• Remains current on developments in data practices laws, case law, and advisory opinions, and participates in continuing education and training opportunities related to the MGDPA.

HIPAA Information Privacy Program :

• Works closely with the Information Privacy Director to develop, implement, and maintain an effective information privacy program.
• Provides consultation and guidance on projects regarding information privacy compliance.
• Creates, coordinates, and updates the privacy training and awareness program, and conducts privacy presentations as needed.
• Writes and updates organizational policies and procedures for the information privacy program.
• Conducts regular and occasional privacy risk assessments and supports the development, and monitoring, of work plans to address identified risks.
• Remains current on emerging privacy regulations and participates in continuing education and training opportunities related to applicable privacy laws, guidance, and best practices.
• Conducts timely investigations and breach analysis into reported privacy inquiries and complaints, including performing audits of the electronic health record, and provides guidance to Business Partners and management about the assessment of privacy policy violations.
• Coordinates with relevant department leaders to appropriately and consistently apply corrective measures for privacy violations.
• Completes breach notification activities in a timely manner.
• Maintains accurate records by thoroughly documenting investigations and outcomes in a timely manner and within the designated incident management system.

General Duties :

• Creates and enhances new and existing metrics and reporting tools pertinent to the department’s operations.
• Effects compliance with applicable laws, regulations and accreditation standards, and promotes a culture of compliance.

QUALIFICATIONS :

Minimum Qualifications :

• 3-5 years of experience working with Information Privacy and / or the Minnesota Government Data Practices.
• An approved equivalent combination of education and experience.

Preferred Qualifications :

Prior experience working in a health care privacy role / department.

Knowledge / Skills / Abilities :

• Strong knowledge of applicable information privacy laws and regulations, including but not limited to, the Health Insurance Portability and Accountability Act and its implementing regulations (HIPAA), the Minnesota Health Records Act, and the federal regulations for substance treatment records (45 CFR Part 2).
• Knowledge of the Minnesota Government Data Practices Act and compliance with public disclosure law.
• Ability to maintain a high level of integrity, confidentiality, and trustworthiness in working with complex and sensitive situations.
• Ability to work with all levels of the organization with a collaborative but firm approach.
• Strong written and verbal communication skills, including proficiency in public speaking and conducting training.
• Strong interest in and ability to create and implement training programs.

License / Certifications :

Certification in Information Privacy, such as CIPP / US, CHPC.

Title : Information Privacy Analyst Senior

J-18808-Ljbffr