CommonSpirit Health was formed by the alignment of Catholic Health Initiatives (CHI) and Dignity Health. With more than 700 care sites across the U.S. from clinics and hospitals to home-based care and virtual care services CommonSpirit is accessible to nearly one out of every four U.S. residents. Our world needs compassion like never before. Our communities need caring and our families need protection. With our combined resources CommonSpirit is committed to building healthy communities advocating for those who are poor and vulnerable and innovating how and where healing can happen both inside our hospitals and out in the community.
Responsibilities
Job Summary / Purpose
This role will serve as a privacy analyst to investigate and document privacy incidents including privacy incident-related complaints, reports and events within a division, with cross coverage for other divisions. The role is responsible for interacting with patients, families, or any complainant, as well as conducting and documenting thorough and complete privacy event investigations to determine if a privacy violation and/or breach has occurred. This role is a necessary component of the privacy program, as HIPAA requires that each covered entity have a process to investigate and resolve privacy incidents, and incident-related complaints. Knowledge of the HIPAA Privacy rule, and previous experience in health care privacy is required.
Essential Key Job ResponsibilitiesConduct complete investigation of assigned privacy incidents and complaints within the established time frames. Investigations include interviewing staff and other involved parties, conducting access audits, reviewing audit logs, and analyzing event facts.Interact professionally with multiple internal and external parties as necessary and required to gather and communicate information related to allegations of a privacy incident or breach-related complaint.Apply the HIPAA privacy rule and other applicable law to make basic determinations regarding the resolution of privacy events.Partner and coordinate with IT Cybersecurity and Information Security Officers on assigned privacy events that intersect with security incidents.Document detailed investigation notes with outcomes in an established privacy repository. Work with Human Resources to facilitate appropriate sanctions per HIPAA sanction policy.At the direction of supervisor or privacy officer, complete notification documents for breach or validated complaint events. In conjunction with supervisor or Privacy Officer, work with regulatory bodies to provide information related to past events, and investigative actions and results.Qualifications
Experience
3 – 5 years in health care privacy or compliance investigations; Strong communication and analytical skills required. Ability to dialogue with public.Required Education
Bachelor’s degree strongly preferredRequired Licensure and Certifications
Certification in Health Care Privacy and Security, Health Care Compliance desiredRequired Minimum Knowledge, Skills and Abilities
Demonstrated knowledge of HIPAA.Computer skillsGood verbal and written communication skillsAbility to work with the public as well as internal customers