Summary Public Health – Seattle and King County values diverse perspectives and life experiences. The Department encourages people of all backgrounds to apply, including people of color, immigrants, refugees, women, LGBTQ, people with disabilities, and veterans.
Health Information Privacy Manager/Analyst position resides within the Compliance and HIT/Epic Support Section of Public Health Seattle & King County. The purpose of this position is to manage the Health Information Privacy (hereinafter 'Privacy') Program for Public Health – Seattle and & King County. This position will manage the daily operations of the Privacy Program; provide leadership to Public Health on privacy; serve as a subject matter expert; represent the Department of Public Health to other departments and agencies; and manage the complex operations of compliance with the HIPAA Privacy Rule and other relevant federal and state health care privacy regulations.
The classification for this position is Project/Program Manager III.
WHO MAY APPLY: This full-time Career Service position is open to all qualified applicants.
WORK LOCATION: The Compliance Office and HIT/EPIC Support Section is located in the Chinook Building at 401 5th Avenue, Downtown Seattle. This position will be required to travel to other King County locations.
WORK SCHEDULE: The standard work schedule is Monday through Friday, 8:00 a.m. to 5:00 p.m. This position is Fair Labor Standards Exempt and therefore ineligible for overtime pay.
If you are applying to this position, please complete a NeoGov/Government Jobs application, and include the following required application materials:
REQUIRED APPLICATION MATERIALS:
1. Complete Electronic Job Application
2. Letter of Interest
If you do not provide the above materials with your application your application will be considered incomplete and you will not be considered for this recruitment.
You must completely fill out the application with your relevant education and work experience. Your application may be rejected as incomplete if you include relevant information only on the resume or letter of interest, or if you reference "see resume" on your application.
CONTACT: For questions about the position, please contact Mary Jane Alexander at Maryjane.firstname.lastname@example.org. For more information about the application process, please contact Erika Yanak, Human Resource Analyst, at email@example.com. Job Duties
1. Manage the Privacy Compliance Program
- Manage the daily operations of an effective privacy program that comports with relevant regulations and aligns with industry standards.
- Make recommendations for strategic program direction; develop short and long term program goals and provide status reports on performance indicators.
- Develop and monitor measures of privacy risks; identify and assess risk areas and gaps in privacy compliance; recommend and implement controls and corrective action.
- Maintain department privacy policies to ensure they comply with current regulations.
- Develop and provide privacy training and recommend strategies to ensure all workforce members are trained.
- Manage privacy incidents, complaints and breaches; implement protocols for investigations; recommend corrective action and maintain appropriate documentation.
2. Support the Public Health Compliance Auditing/Monitoring Program
- Conduct privacy and security audits as directed (e.g. Notice of Privacy Practices and Business Associate audits, use and disclosure of PHI audits and site audits).
- Prepare audit summary reports reflecting audit findings, including corrective action plans as required.
- Provide feedback and make recommendations to department and division leadership and provide training and education based on audit feedback and findings.
- Implement and/or conduct Electronic Health Record (EHR) access and other audits as directed.
3. Serve as Subject Matter Expert and Advisor
- Serve as an expert pertaining to health information privacy regulations and Public health policy and keep informed of regulatory requirements and changes.
- Establish a system to provide guidance and technical assistance to managers, staff and data owners regarding the use and disclosure of health information.
- Act as the liaison to outside agencies in order to develop, negotiate and manage interagency agreements that exchange health information.
- Review contracts (e.g. business associate, data use and data sharing) to ensure compliance with privacy regulations and Public Health policy; work with the Public Health Contracts Section, King County Prosecuting Attorney's Office and Risk Management as needed.
4. Provide Leadership and Promote a Culture of Compliance
Experience, Qualifications, Knowledge, Skills
- Recommend and implement strategies that build trust to create a culture of privacy; promote Public Health values and standards; ensure that privacy systems and services meet stakeholder and client interests/needs.
- Serve on Public Health management teams; participate and collaborate with other management staff in planning, coordinating and implementing privacy initiatives.
- Anticipate and proactively prepare for potential actions (e.g. inquiries, investigations, audits, etc.) from regulatory authorities such as HHS OCR and OIG; respond to inquiries, investigations and audits and recommend corrective action.
- Serve on internal and external counsels, committees and work groups and represent Public Health's privacy interests.
- Bachelor's degree in Business, Nursing, Public Administration, or related field and three years or more experience in health information privacy management; or any equivalent combination of education and experience.
- Demonstrated knowledge of State and Federal Health Information Privacy laws and management principals.
- Demonstrated ability to develop and implement protocols for health information privacy management; audits/gap analysis and corrective action plans.
- Demonstrated ability to diplomatically identify and resolve problems, to think creatively and work with cross-departmental groups to resolve issues and leverage opportunities.
- Demonstrated knowledge of the principles of customer service and satisfaction; demonstrated ability to work with diverse groups of individuals.
- Demonstrated skill in investigating and evaluating the facts and circumstances of an incident.
- Demonstrated skill in handling and managing a number of projects or multiple tasks simultaneously and working under pressure and meeting deadlines.
- Demonstrated skill in policy development and interpretation.
- Demonstrated skill in written and oral communications, interviewing, negotiating and public speaking.
- Demonstrated ability to serve as an expert adviser to internal and external customers regarding health information privacy.
- Juris Doctor Degree or health care legal practice experience.
- Masters degree in Healthcare or Business Administration.
- The most desirable candidates will have 5 years or more experience with privacy compliance, healthcare consulting experience with a focus on privacy law implementation.
- Possess a current certification from Health Care Compliance Association, such as Certified in Healthcare Compliance (CHC) or Certified in Healthcare Privacy Compliance (CHPC).
- Possess current credentialing as a Registered Health Information Technician (RHIT), Registered Health Information Administrator (RHIA), or be certified in Health Privacy (CHP) from AHIMA with experience relative to the size and scope of Public Health.
- This selection process may include but is not limited to: evaluation of application materials and supplemental questions, testing and interviewing. For more information on our selection process, refer to http://www.kingcounty.gov/health/about/hiring.htm
- Regular and reliable attendance, effective communication skills, and development of effective working relationships are requirements of all Public Health positions.
- Staff may be required to play an active role in the event of a public health emergency, which may include changes in responsibilities and working hours
NECESSARY SPECIAL REQUIREMENTS
- The selected candidate must pass a thorough background investigation.
- Employees are required to protect the privacy and security of protected health information as defined in State and Federal Law.
- Employees are required to adhere to OSHA/WISHA guidelines including but not limited to completing their mandatory trainings on time.
- The selected candidate must be required to pass through a DAJD and King County background investigation.
Union Affiliation: This position is not represented.